Check Point Advisories

Update Protection against Microsoft Windows Message Queuing Remote Code Execution Vulnerability (MS07-065)

Check Point Reference: CPAI-2007-139
Date Published: 18 Dec 2007
Severity: Critical
Last Updated: 23 Dec 2007
Source: Microsoft Security Bulletin MS07-065
Industry Reference:CVE-2007-3039
Protection Provided by:
Who is Vulnerable? Microsoft Windows 2000 Professional SP4
Microsoft Windows 2000 Server SP4
Microsoft Windows XP SP2
Vulnerability Description A buffer overflow vulnerability exists in Microsoft Windows Message Queuing Service. Microsoft Message Queuing (MSMQ) is a component of Microsoft Windows designed to act as a message portal between a set of applications requiring message exchange functionality. MSMQ enables applications that are running at different times to communicate across heterogeneous networks and across systems that may be temporarily offline. A remote attacker can exploit the MSMQ vulnerability to take complete control over an affected system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS07-065
Vulnerability DetailsThe vulnerability is due to boundary errors in the MSMQ service that fails to properly validate input strings before passing them to the buffer. A remote attacker could exploit this issue via a specially crafted MSMQ message sent to the vulnerable interface. Successful exploitation of this vulnerability could allow remote code execution on the affected system.

Protection Overview