Remote Code Execution Possible in Windows Print Spooler, Telephony Service, and Plug and Play Subsystem

Remote Code Execution Possible in Windows Print Spooler, Telephony Service, and Plug and Play Subsystem

Reported August 9, 2005 by Microsoft

VERSIONS AFFECTED

DESCRIPTION

The Windows Print Spooler contains an unchecked buffer that might allow a remote intruder to take complete control of an affected system.

A flaw in the way the Windows Telephony service processes data and performs validation could allow a remote intruder to take complete control of an affected system.

The Windows Plug and Play subsystem contains an unchecked buffer that might allow a remote intruder to take complete control of an affected system.

VENDOR RESPONSE

Microsoft released Security Bulletin MS05-043, "Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423)," and an associated patch to correct the problem with the Print Spooler service

Microsoft released Security Bulletin MS05-040, "Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)," and an associated patch to correct the problem with Telephony service.

Microsoft released Security Bulletin MS05-039, "Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588)", and an associated patch to correct the problem with the Plug and Play subsystem.

CREDITS

Kostya Kortchinsky of CERT RENATER reported the vulnerability in the Print Spooler and Telephony services; Neel Mehta of ISS X-Force reported the vulnerability in the Plug and Play subsystem; Jean-Baptiste Marchand of Herve Schauer Consultants worked with Microsoft on problems related to the Plug and Play subsystem.