Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Active Directory vulnerability could allow remote code execution


Report ID: MS201112009
Date Published: 14 December 2011

Criticality: Important
Compromise Type: remote-code-execution
Compromise From: remote


Affected Product/Component:

Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2




Summary

A vulnerability in Active Directory in Windows could lead to arbitrary code execution, provided that the attacker manages to acquire the log-on credentials to the Active Directory domain.



Detailed Description

Microsoft has released a security update for Windows to address a vulnerability in Active Directory, which is caused by Active Directory processing a malicious query and trying to access improperly initialized memory. To exploit this vulnerability, the attacker must first obtain the log-on credential to the Active Directory domain. Upon successful exploit, the attacker could be able to execute code and take control of the affected system.

This vulnerability has been resolved through the update by introducing changes in the way that objects in memory are handled. Users are recommended to install this latest update as a protection against potential exploits.



CVE Reference

CVE-2011-3406



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-095)



Online Virus Scanner

 
Run a quick online virus scan of your computer.