A vulnerability exists in the way the Microsoft Windows browser service handles Browser Election messages.
"The browser service maintains a list of the domain name or workgroup name the computer is in, and the protocol being used for each computer on the network segment being served by the computer running the browser service. On each network segment, a master browser is elected from the group of computers located on the segment that are running the browser service."
Using a specially crafted Browser Election message, an attacker may be able to cause a Denial of Service (DoS) or execute arbitrary code.
Apply an update
This document was written by David Warren.
|Date First Published:||2011-02-16|
|Date Last Updated:||2011-04-15 14:05 UTC|