IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Microsoft downplays Windows vulnerability

Microsoft says a vulnerability could allow remote code execution, but it's not likely anyone will be able to do it.

Security

Microsoft has downplayed a Windows vulnerability affecting all versions of the OS that could allow remote code execution.

Earlier this week, a proof of concept exploit was released but Microsoft suggested it was unlikely that the flaw could be used for remote code execution.

The bug was discovered on the BROWSER protocol, which runs on top of the Server Message Block (SMB) protocol on Windows.

"This vulnerability affects Windows machines that have been configured to (A) use the BROWSER network protocol and (B) that then become Master Browser on the local network," said Mark Wodrich, from the Microsoft Security Response Centre, in a blog post.

"The BROWSER protocol uses an election process to determine which system will act as the "master" in terms of data collection and response handling."

Wodrich said the vulnerability was more likely to affect server systems running as the Primary Domain Controller.

"Enterprise networks the Primary Domain Controller (PDC) will become Master Browser, but depending on the network configuration, other computers on the network can become Master Browser, and therefore be vulnerable," he explained.

Wodrich said remote code execution would be possible "if the corrupted memory is used by a thread running on another processor before the RtlCopyMemory triggers a bugcheck, and in a way that can be used to change code execution."

"We feel that triggering any such timing condition reliably will be very difficult," he added.

Wodrich said that businesses following best practices should block the BROWSER protocol at the edge of firewalls to limit attacks on the local network.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
How to virtualise Windows 7 inside Windows 10
Microsoft Windows

How to virtualise Windows 7 inside Windows 10

9 Sep 2021

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022