{"id":72676,"date":"2011-02-20T05:52:52","date_gmt":"2011-02-20T05:52:52","guid":{"rendered":"https:\/\/localhost\/wordpress\/?p=72676"},"modified":"2011-02-20T05:52:52","modified_gmt":"2011-02-20T05:52:52","slug":"microsoft-windows-smb-mrxsmb-sys-remote-heap-overflow-vulnerability","status":"publish","type":"post","link":"https:\/\/www.quickheal.com\/blogs\/microsoft-windows-smb-mrxsmb-sys-remote-heap-overflow-vulnerability\/","title":{"rendered":"Microsoft Windows SMB &#8220;mrxsmb.sys&#8221; Remote Heap Overflow Vulnerability"},"content":{"rendered":"<p><strong>Technical Description<\/strong><br \/>\nA vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers or malicious users to cause a denial of service or take complete control of a vulnerable system. This issue is caused by a heap overflow error in the &#8220;BowserWriteErrorLogEntry()&#8221; function within the Windows NT SMB Minirdr &#8220;mrxsmb.sys&#8221; driver when processing malformed Browser Election requests, which could be exploited by remote unauthenticated attackers or local unprivileged users to crash an affected system or potentially execute arbitrary code with elevated privileges.<\/p>\n<p><strong>Affected Products<\/strong><br \/>\nMicrosoft Windows XP Service Pack 3<br \/>\nMicrosoft Windows XP Professional x64 Edition Service Pack 2<br \/>\nMicrosoft Windows Server 2003 Service Pack 2<br \/>\nMicrosoft Windows Server 2003 x64 Edition Service Pack 2<br \/>\nMicrosoft Windows Server 2003 SP2 (Itanium)<br \/>\nMicrosoft Windows Vista Service Pack 1<br \/>\nMicrosoft Windows Vista Service Pack 2<br \/>\nMicrosoft Windows Vista x64 Edition Service Pack 1<br \/>\nMicrosoft Windows Vista x64 Edition Service Pack 2<br \/>\nMicrosoft Windows Server 2008 (32-bit)<br \/>\nMicrosoft Windows Server 2008 (32-bit) Service Pack 2<br \/>\nMicrosoft Windows Server 2008 (64x)<br \/>\nMicrosoft Windows Server 2008 (64x) Service Pack 2<br \/>\nMicrosoft Windows Server 2008 (Itanium)<br \/>\nMicrosoft Windows Server 2008 (Itanium) Service Pack 2<br \/>\nMicrosoft Windows 7 (32-bit)<br \/>\nMicrosoft Windows 7 (64x)<br \/>\nMicrosoft Windows Server 2008 R2 (64x)<br \/>\nMicrosoft Windows Server 2008 R2 (Itanium)<\/p>\n<p><strong>Workaround Solution <\/strong><br \/>\nBlock or filter UDP and TCP ports 137, 138, 139 and 445.<\/p>\n<p><strong>References<\/strong><br \/>\nhttps:\/\/blogs.technet.com\/b\/srd\/archive\/2011\/02\/16\/notes-on-exploitability-of-the-recent-windows-browser-protocol-issue.aspx<br \/>\nhttps:\/\/seclists.org\/fulldisclosure\/2011\/Feb\/285<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Technical Description A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers or malicious users to cause a denial of service or take complete control of a vulnerable system. This issue is caused by a heap overflow error in the &#8220;BowserWriteErrorLogEntry()&#8221; function within the Windows NT SMB Minirdr &#8220;mrxsmb.sys&#8221; driver [&hellip;]<\/p>\n","protected":false},"author":26,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-72676","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72676"}],"collection":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/users\/26"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/comments?post=72676"}],"version-history":[{"count":0,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72676\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media?parent=72676"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/categories?post=72676"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/tags?post=72676"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}