Remote code execution vulnerability is present in SMB Client Could in Microsoft Windows - MS11-019ID: oval:org.secpod.oval:def:1040 | Date: (C)2011-05-23 (M)2023-12-14 |
Class: PATCH | Family: windows |
The host is missing a Critical security update according to Microsoft security bulletin, MS11-019. The update is required to fix remote code execution vulnerability in Microsoft Windows. The flaws are present in the SMB Client Could which fails to handle specially crafted SMB response to a client-initiated SMB request and fails to parse malformed browser message through Common Internet File System (CIFS) Browser Protocol. Successful exploitation allows an attacker to execute arbitrary code and take complete control of an affected system.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |