Public exploits available
On this page
A remote code execution vulnerability exists in Message Queuing that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
An attacker who successfully exploited this vulnerability could take complete control of the affected system.
Technical details (analysis)
Microsoft Message Queuing technology enables applications that are running at different times to communicate across heterogeneous networks and across systems that may be temporarily offline. Applications send messages to queues and read messages from queues. Message Queuing provides guaranteed message delivery, efficient routing, security, and priority-based messaging. It can be used to implement solutions for both asynchronous and synchronous messaging scenarios. An unchecked buffer in the Message Queuing component causes the vulnerability to trigger. An attacker could try to exploit the vulnerability by creating a specially crafted message and sending the message to an affected system. The message could then cause the affected system to execute code.
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows 98 and Microsoft Windows 98 Second Edition (SE)
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows Server 2003 and Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Millennium Edition (ME)
Release Date: 2005-04-12T00:00:00
Known false positives
No known false positives at this time
Block the following at the firewall: UDP ports 135, 137, 138, 445, 1801, and 3527, and TCP ports 135, 139, 445, 593, 1801, 2101, 2103, 2105, and 2107
Remove Message Queuing if you do not need it.