Monday, July 16, 2007

Vulnerability in Windows Active Directory Could Allow Remote Code Execution

I know a lot of you (83%!) are running Active Directory so if you haven't looked at this just published (last week) security bulletin you should: Vulnerability in Windows Active Directory Could Allow Remote Code Execution. No point in allowing AD to be used by the bad guys, eh? Here's the summary from the article - I've underlined the scary part:

This critical security update resolves a privately reported vulnerability in implementations of Active Directory on Windows 2000 Server and Windows Server 2003 that could allow remote code execution or a denial of service condition. Attacks attempting to exploit this vulnerability would most likely result in a denial of service condition. However remote code execution could be possible. On Windows Server 2003 an attacker must have valid logon credentials to exploit this vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.

This is a critical security update for supported editions of Windows 2000 and an important security update for supported editions of Windows Server 2003. For more information, see the subsection, Affected and Non-Affected Software, in this section.

This security update addresses the vulnerability by validating the number of convertible attributes in the client LDAP request. For more information about the vulnerability, see the next section, Vulnerability Information.

If you have not subscribed to Microsoft's security bulletins via e-mail or RSS you really should do that...

Technorati Tags:
,

No comments: