(MS08-067) Microsoft Windows Server Service Vulnerability (958644)

Overview

A vulnerability exists, in Microsoft Windows Server Service, which may allow for remote code execution.

The Microsoft Server Service allows for local resource sharing via RPC. A vulnerability exists, in Microsoft Windows Server Service, which may allow for remote code execution. The flaw lies in the improper handling of specially-crafted (malicious) RPC requests. In a successful attack scenario, an attacker could potentially take full control of a target system via this vulnerability.

Attack Vector

Malicious local network traffic

User Interaction

no user interaction is needed

Vendor Status

Responded and patched

Vulnerable Systems

Windows   2008,

Timeline

2008-10-23

Vendor has provided a patch.

2008-10-23

Exploit code has been released.

2008-10-23

A proof of concept has been released.

2008-11-16

A proof of concept has been released.

Recommendations

Download and install the patch available from Microsoft(958644):
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

Recommendations McAfee Product Mitigation

Additional Resources

Vulnerability in Server Service Could Allow Remote Code Execution (958644)
http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx