1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

Vulnerability protection

Active Directory vulnerability could allow remote code execution

Report ID: MS201112009
Date Published: 14 December 2011

Criticality: Important
Compromise Type: remote-code-execution
Compromise From: remote

Affected Product/Component:

Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2


A vulnerability in Active Directory in Windows could lead to arbitrary code execution, provided that the attacker manages to acquire the log-on credentials to the Active Directory domain.

Detailed Description

Microsoft has released a security update for Windows to address a vulnerability in Active Directory, which is caused by Active Directory processing a malicious query and trying to access improperly initialized memory. To exploit this vulnerability, the attacker must first obtain the log-on credential to the Active Directory domain. Upon successful exploit, the attacker could be able to execute code and take control of the affected system.

This vulnerability has been resolved through the update by introducing changes in the way that objects in memory are handled. Users are recommended to install this latest update as a protection against potential exploits.

CVE Reference



Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-095)

Online Virus Scanner

Run a quick online virus scan of your computer.