Microsoft Plug and Play contains a flaw in message buffer handling that may result in local or remote arbitrary code execution or a denial-of-service condition.
The following is from the Microsoft Plug and Play description:
Plug and Play (PnP) allows the operating system to detect new hardware when you install it on a system. For example, when you install a new mouse on your system, PnP allows Windows to detect it, allows Windows to load the needed drivers, and allows Windows to begin using the new mouse.
A flaw in the methods used to validate user data in the Windows Plug and Play system may allow a remote, authenticated user to execute arbitrary code on some platforms. Note that on other platforms, the user must be a local, authenticated user and that the flaw cannot be exploited remotely.
This vulnerability is similar to the issue reported in MS05-039 (VU#998653). However, the issue reported in MS05-047 (VU#214572) is only exploitable by remote, authenticated attackers on Windows 2000 and Windows XP SP1, and is only exploitable by local, authenticated users on Windows XP SP2.
Proof-of-concept exploit code has been made public, with the implication that this is being routinely exploited.
A remote, authenticated user may be able to execute arbitrary code.
Apply an update
Microsoft reported this vulnerability and, in turn, thanks eEye Digital Security for information on the issue.
This document was written by Ken MacInnis.
Date First Published: 2005-10-11
Date Last Updated: 2005-10-27 15:13 UTC