Microsoft downplays Windows vulnerability
Microsoft says a vulnerability could allow remote code execution, but it's not likely anyone will be able to do it.
Microsoft has downplayed a Windows vulnerability affecting all versions of the OS that could allow remote code execution.
Earlier this week, a proof of concept exploit was released but Microsoft suggested it was unlikely that the flaw could be used for remote code execution.
The bug was discovered on the BROWSER protocol, which runs on top of the Server Message Block (SMB) protocol on Windows.
"This vulnerability affects Windows machines that have been configured to (A) use the BROWSER network protocol and (B) that then become Master Browser on the local network," said Mark Wodrich, from the Microsoft Security Response Centre, in a blog post.
"The BROWSER protocol uses an election process to determine which system will act as the "master" in terms of data collection and response handling."
Wodrich said the vulnerability was more likely to affect server systems running as the Primary Domain Controller.
"Enterprise networks the Primary Domain Controller (PDC) will become Master Browser, but depending on the network configuration, other computers on the network can become Master Browser, and therefore be vulnerable," he explained.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Wodrich said remote code execution would be possible "if the corrupted memory is used by a thread running on another processor before the RtlCopyMemory triggers a bugcheck, and in a way that can be used to change code execution."
"We feel that triggering any such timing condition reliably will be very difficult," he added.
Wodrich said that businesses following best practices should block the BROWSER protocol at the edge of firewalls to limit attacks on the local network.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.