"Successful exploitation allows execution of arbitrary code, but requires that the MSMQ (Microsoft Message Queuing) service is installed (not installed by default)."
--------------------------- TITLE: Microsoft Windows Pragmatic General Multicast Code Execution SECUNIA ADVISORY ID: SA21851 VERIFY ADVISORY: http://secunia.com/advisories/21851/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From local network OPERATING SYSTEM: Microsoft Windows XP Home Edition http://secunia.com/product/16/ Microsoft Windows XP Professional http://secunia.com/product/22/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows XP, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in the handling of PGM (Pragmatic General Multicast) messages and can be exploited via a specially crafted multicast message. Successful exploitation allows execution of arbitrary code, but requires that the MSMQ (Microsoft Message Queuing) service is installed (not installed by default). SOLUTION: Apply patch. Microsoft Windows XP SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=ce264ac4-6ca3-4732-9016-3143ff1bca2f ORIGINAL ADVISORY: MS06-052 (KB919007): http://www.microsoft.com/technet/security/Bulletin/MS06-052.mspx ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
