Users' questions

What is MS08-067?

by Rhyley Bryan

What is MS08-067?

http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx. This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely.

What is the CVE number of the exploit reported in Microsoft Security Bulletin MS08-067?

Number one on that list is Microsoft’s security bulletin of MS08-067, and number two on that list is Rapid7’s Metasploit’s module for exploiting it.

Why the MS08-067 exploit is bad?

Many organizations don’t allow psexec because they don’t want authenticated users running code on systems they aren’t logged into. MS08-067 allows unauthenticated users to do that. That’s why it’s a big deal. And when someone tries to run the exploit and does it wrong, they can bluescreen the system.

What is cve 2008 4250?

Description. The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.

What’s the latest version of Microsoft Security Bulletin?

Version: 1.0 This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request.

How to disable Microsoft Security Bulletin ms08-067-critical?

You can disable these services by using the following steps: 1. Click **Start**, and then click **Control Panel** (or point to **Settings** and then click **Control Panel**). 2. Double-click **Administrative Tools**. 3. Double-click **Services**. 4. Double-click **Computer Browser Service**. 5. In the Startup type list, click **Disabled**. 6.

Is the MS08-067 patch critical for Windows XP?

MS08-067 was the later of the two patches released and it was rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important for all supported editions of Windows Vista and Windows Server 2008.

What did Dustin do in MS08-067 case?

Dustin: In October of 2008, I was a security program manager in the Microsoft Security Response Center (MSRC). It was my job to coordinate the response to vulnerabilities affecting the Windows OS, meaning that among other things, I drove Windows bulletins. The MSRC case that eventually became MS08-067 was assigned to me.