/>
X

Microsoft fixes gaping hole in Windows TCP/IP stack

An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. Microsoft urges Windows users to treat this update with the utmost priority.
ryan-naraine.jpg
Written by Ryan Naraine, Contributor on

Microsoft has released its November batch of security bulletins with fixes for at least four documented vulnerabilities affecting the Windows operating system.

The updates address remote code execution and denial-of-service issues in all versions of Windows and Microsoft is urging its user base to pay special attention to MS11-083, which covers a gaping hole in the Windows TCP/IP stack.

The raw details:

A remote code execution vulnerability exists in the Windows TCP/IP stack due to the processing of a continuous flow of specially crafted UDP packets. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Because of the "critical" nature of this update, Microsoft is urging Windows users and administrators to treat MS11-083 with the utmost priority.

The company also fixed a serious vulnerability in Windows Mail that exposes users to hacker attacks via the Web browser.

Some basic details via the MS11-085 bulletin:

The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application.

Microsoft expects to see functional exploit code for this vulnerability within the next 30 days.

The November Patch Tuesday batch also contains fixes for a privilege escalation flaw in Active Directory (MS11-086) and a vulnerability in Windows kernel mode drivers (MS11-084) that could allow denial-of-service attacks.

Related

Are you ready for the worst Economy Class airline seats in the world?
airline-seats.jpg

Are you ready for the worst Economy Class airline seats in the world?

Business
Remote working vs back to the office: Benefits are clear, but there could be trouble ahead for some
A middle aged man in casual attire sat at his computer desk speaking to colleagues via a split-screen video chat application

Remote working vs back to the office: Benefits are clear, but there could be trouble ahead for some

Professional Development
Microsoft Azure-certified roles are well-paid, and you can study for certification for $39
replace-this-image.jpg

Microsoft Azure-certified roles are well-paid, and you can study for certification for $39

Deals