Public exploits available
On this page
A security vulnerability exists in the Messenger Service that could allow arbitrary code execution on an affected system. The vulnerability results because the Messenger Service does not properly validate the length of a message before passing it to the allocated buffer.
An attacker could seek to exploit this vulnerability by creating a specially crafted message and sending it to the Messenger Service on an affected system
Technical details (analysis)
This is a buffer overrun vulnerability. An attacker who successfully exploited this vulnerability could be able to run code with Local System privileges on an affected system, or could cause the Messenger Service to fail. The attacker could then be able to take any action on the system, including installing programs, viewing, changing or deleting data, or creating new accounts with full privileges. The vulnerability results because the Messenger Service does not properly validate the length of a message before passing it to the allocated buffer.
Microsoft Windows NT Workstation 4.0, Service Pack 6a.
Microsoft Windows NT Server 4.0, Service Pack 6a.
Microsoft Windows NT Server 4.0, Terminal Server Edition, Service Pack 6.
Microsoft Windows 2000, Service Pack 2, Service Pack 3, Service Pack 4.
Microsoft Windows XP Gold, Service Pack 1.
Microsoft Windows XP 64-bit Edition.
Microsoft Windows Server 2003.
Microsoft Windows Server 2003 64-bit Edition.
Microsoft Windows Millennium Edition
Release Date: 2003-10-15T00:00:00
Known false positives
No known false positives at this time.
Disable the Messenger Service.
Use a personal firewall such as Internet Connection Firewall (only available on XP and Windows Server 2003).