How can I help you? Start Chat

US Phone: 1-866-488-6691
International Phone: +44-2036087492

  • E-Mail
  • Facebook
  • LinkedIn
  • Twitter

Check Point Advisories

Update Protection against Microsoft Windows Message Queuing Remote Code Execution Vulnerability (MS07-065)

Check Point Reference: CPAI-2007-139
Date Published: 18 Dec 2007
Severity: Critical
Last Updated: 23 Dec 2007
Source: Microsoft Security Bulletin MS07-065
Industry Reference:CVE-2007-3039
Protection Provided by:
Who is Vulnerable? Microsoft Windows 2000 Professional SP4
Microsoft Windows 2000 Server SP4
Microsoft Windows XP SP2
Vulnerability Description A buffer overflow vulnerability exists in Microsoft Windows Message Queuing Service. Microsoft Message Queuing (MSMQ) is a component of Microsoft Windows designed to act as a message portal between a set of applications requiring message exchange functionality. MSMQ enables applications that are running at different times to communicate across heterogeneous networks and across systems that may be temporarily offline. A remote attacker can exploit the MSMQ vulnerability to take complete control over an affected system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS07-065
Vulnerability DetailsThe vulnerability is due to boundary errors in the MSMQ service that fails to properly validate input strings before passing them to the buffer. A remote attacker could exploit this issue via a specially crafted MSMQ message sent to the vulnerable interface. Successful exploitation of this vulnerability could allow remote code execution on the affected system.

Protection Overview