Microsoft downplays Windows vulnerability
Microsoft says a vulnerability could allow remote code execution, but it's not likely anyone will be able to do it.
Microsoft has downplayed a Windows vulnerability affecting all versions of the OS that could allow remote code execution.
Earlier this week, a proof of concept exploit was released but Microsoft suggested it was unlikely that the flaw could be used for remote code execution.
The bug was discovered on the BROWSER protocol, which runs on top of the Server Message Block (SMB) protocol on Windows.
"This vulnerability affects Windows machines that have been configured to (A) use the BROWSER network protocol and (B) that then become Master Browser on the local network," said Mark Wodrich, from the Microsoft Security Response Centre, in a blog post.
"The BROWSER protocol uses an election process to determine which system will act as the "master" in terms of data collection and response handling."
Wodrich said the vulnerability was more likely to affect server systems running as the Primary Domain Controller.
"Enterprise networks the Primary Domain Controller (PDC) will become Master Browser, but depending on the network configuration, other computers on the network can become Master Browser, and therefore be vulnerable," he explained.
Wodrich said remote code execution would be possible "if the corrupted memory is used by a thread running on another processor before the RtlCopyMemory triggers a bugcheck, and in a way that can be used to change code execution."
"We feel that triggering any such timing condition reliably will be very difficult," he added.
Wodrich said that businesses following best practices should block the BROWSER protocol at the edge of firewalls to limit attacks on the local network.
Four strategies for building a hybrid workplace that works
All indications are that the future of work is hybrid, if it's not here alreadyFree webinar
The digital marketer’s guide to contextual insights and trends
How to use contextual intelligence to uncover new insights and inform strategiesFree Download
Ransomware and Microsoft 365 for business
What you need to know about reducing ransomware riskFree Download
Building a modern strategy for analytics and machine learning success
Turning into business valueFree Download