Active Directory vulnerability could allow remote code execution
Report ID: MS201112009
Date Published: 14 December 2011
Compromise Type: remote-code-execution
Compromise From: remote
Windows Server 2003
Windows Server 2008
Windows Server 2008 R2
A vulnerability in Active Directory in Windows could lead to arbitrary code execution, provided that the attacker manages to acquire the log-on credentials to the Active Directory domain.
Microsoft has released a security update for Windows to address a vulnerability in Active Directory, which is caused by Active Directory processing a malicious query and trying to access improperly initialized memory. To exploit this vulnerability, the attacker must first obtain the log-on credential to the Active Directory domain. Upon successful exploit, the attacker could be able to execute code and take control of the affected system.
This vulnerability has been resolved through the update by introducing changes in the way that objects in memory are handled. Users are recommended to install this latest update as a protection against potential exploits.
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-095)