Microsoft has issued a patch for a remote code execution vulnerability in WINS, the Windows Internet Name Service, as part of May’s Patch Tuesday. The vulnerability could allow remote code execution if a user received a specially crafted WINS replication packet on an affected system running the WINS service. The fix corrects a logic error that occurs when buffers are passed as parameters.
This security update is rated Critical for servers running WINS on Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2. Itanium installations aren’t affected.
According to Computerworld, some security researchers think Microsoft is trying to play down the importance of this patch, as the summary stated that “by default, WINS is not installed on any affected operating system. Only customers who manually installed this component are affected by this issue.” But the probability is that most government and corporate networks have WINS installed in the data center.
The other security problem fixed on May’s Patch Tuesday was a remote code execution vulnerability in PowerPoint. If a user opened a specially crafted malicious PowerPoint file, an attacker could gain the same user rights as the logged-on user. Affected versions of Office are Microsoft Office XP, 2003 and 2007, as well as Microsoft Office 2004 for Mac, Microsoft Office 2008 for Mac and the Open XML File Format Converter for Mac.