Head Topics

Anatomy of a Windows Network File System vulnerability

Belgique Nouvelles Nouvelles

Anatomy of a Windows Network File System vulnerability
Belgique Dernières Nouvelles,Belgique Actualités
  • 📰 TheRegister
  • ⏱ Reading Time:
  • 44 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 21%
  • Publisher: 61%

Windows Network File System flaw results in arbitrary code execution as SYSTEM

Trend Micro Research has published an anatomy of a Windows remote code execution vulnerability lurking in the Network File System.

The vulnerability in question, CVE-2022-30136, was patched by Microsoft in June but the research makes for interesting reading both in terms of the vulnerability itself and the potential for exploitation. The vulnerability was contained within the Windows Network Filing System and was due to improper handling of NFSv4 requests. It could be exploited by sending malicious RPC calls to a target server. Successful exploitation could result in arbitrary code execution as SYSTEM while unsuccessful exploitation could just crash the target.

The roots of NFS go right back to the work of Sun Microsystems in 1984 and the vulnerability existed in the Windows implementation. NFS uses Open Network Computing Remote Procedure Call to exchange control messages. The Windows vulnerability was"due to incorrect calculation of the size of response messages,"

Nous avons résumé cette actualité afin que vous puissiez la lire rapidement. Si l'actualité vous intéresse, vous pouvez lire le texte intégral ici. Lire la suite:

TheRegister /  🏆 67. in UK

Belgique Dernières Nouvelles, Belgique Actualités

Similar News:Vous pouvez également lire des articles d'actualité similaires à celui-ci que nous avons collectés auprès d'autres sources d'information.

Lenovo fixes trio of UEFI vulnerabilitiesLenovo fixes trio of UEFI vulnerabilitiesDéjà vu all over again for laptop maker as researchers poke holes in its code
Lire la suite »

Windows 8.1 has begun warning users of its imminent demiseWindows 8.1 has begun warning users of its imminent demiseNot long to go now before it follows Windows 7 into the long dark night.
Lire la suite »

Delta Airlines takes flight with Amazon Web ServicesDelta Airlines takes flight with Amazon Web ServicesIf you look out the window to your left, you'll see we've outsourced our infrastructure
Lire la suite »

Investigation starts into death of tragic Leeds tot who fell from tower blockInvestigation starts into death of tragic Leeds tot who fell from tower blockInvestigation launched into death of tragic Leeds tot who fell out of seventh floor window as inquest opens
Lire la suite »

Twitter is down: Everything we know about the outage on the social media siteTwitter is down: Everything we know about the outage on the social media siteSome of the speculation as to why Twitter just suffered a massive outage is pretty funny, tbf. TwitterDown -
Lire la suite »

Windows 11 update brings back ripping CDs so you can pretend its 2002 againWindows 11 update brings back ripping CDs so you can pretend its 2002 againYou can finally rip your favorite Sugababes and Spice Girls albums once more in Windows 11.
Lire la suite »



Render Time: 2025-04-04 07:55:35