DetailPage-MSS-KB

Microsoft small business knowledge base

Article ID: 311967 - Last Review: August 20, 2012 - Revision: 8.0

This article was previously published under Q311967

On This Page

Symptoms

A buffer overflow (http://www.microsoft.com/security/portal/glossary.aspx) that results in a privilege elevation (http://www.microsoft.com/security/portal/glossary.aspx)  vulnerability exists in Windows XP. If an attacker successfully exploits this vulnerability, the attacker gains complete control over the computer. This permits the attacker to take any action on the computer. These actions might include adding, deleting, or modifying data; creating or deleting user accounts; or adding accounts to the local Administrators group.

Mitigating factors:
  • The Multiple UNC Provider (MUP) request can be levied only by a process on the local computer. Therefore, this vulnerability can be exploited only by a user who can log on to an affected computer interactively (http://www.microsoft.com/security/portal/glossary.aspx)  and run code.
  • Best practices suggest that unprivileged users not be permitted to interactively log on to business-critical servers. If this recommendation has been followed, computers such as domain controllers, Enterprise Resource Planning (ERP) servers, print and file servers, database servers, and others are not be at risk from this vulnerability.

Cause

This vulnerability occurs because the MUP service contains an unchecked buffer. By sending a specially malformed request, an attacker might be able to conduct a buffer-overrun attack against a computer.

Resolution

Windows XP

To resolve this problem, obtain the latest service pack for Windows XP. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
322389  (http://support.microsoft.com/kb/322389/ ) How to obtain the latest Windows XP service pack

Windows XP 64-Bit Edition

To resolve this problem, obtain the latest service pack for Windows XP. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
322389  (http://support.microsoft.com/kb/322389/ ) How to obtain the latest Windows XP service pack

Status

Windows XP and Windows XP 64-Bit Edition

Microsoft has confirmed that this problem may cause a degree of security vulnerability in Windows XP and Windows XP 64-bit Edition. This problem was first corrected in Windows XP Service Pack 1.

Applies to
  • Microsoft Windows NT Server 4.0, Terminal Server Edition Service Pack 6
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Professional x64 Edition
  • Microsoft Windows NT Server 4.0 Standard Edition
  • Microsoft Windows NT Server 4.0 Enterprise Edition
  • Microsoft Windows NT Workstation 4.0 Developer Edition
Keywords: 
kbbug kbfix kboswin2000fix kbsecurity kbwin2000presp3fix kbwin2000sp3fix kbwinxpsp1fix KB311967
Share
Additional support options
Ask The Microsoft Small Business Support Community
Contact Microsoft Small Business Support
Find Microsoft Small Business Support Certified Partner
Find a Microsoft Store For In-Person Small Business Support