===================================================================== CERT-Renater Note d'Information No. 2009/VULN329 _____________________________________________________________________ DATE : 12/08/2009 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Windows 2000 Server, Windows Server 2003 running WINS. ====================================================================== KB969883 http://www.microsoft.com/technet/security/bulletin/ms09-039.mspx ______________________________________________________________________ Microsoft Security Bulletin MS09-039 - Critical Vulnerabilities in WINS Could Allow Remote Code Execution (969883) Published: August 11, 2009 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in the Windows Internet Name Service (WINS). Either vulnerability could allow remote code execution if a user received a specially crafted WINS replication packet on an affected system running the WINS service. By default, WINS is not installed on any affected operating system version. Only customers who manually install this component are affected by this issue. This security update is rated Critical for all supported editions of Microsoft Windows 2000 Server Service Pack 4 and Windows Server 2003. For more information, see the subsection, Affected and Non-Affected Software, in this section. The security update addresses the vulnerabilities by correcting the manner in which the WINS service calculates buffer length and introducing proper data validations on received packets on the WINS server. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information. Recommendation. The majority of customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871. For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service. Known Issues. None Affected Software Microsoft Windows 2000 Server Service Pack 4 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 with SP2 for Itanium-based Systems Vulnerability Information WINS Heap Overflow Vulnerability - CVE-2009-1923 A remote code execution vulnerability exists in the Windows Internet Name Service (WINS) due to a buffer overflow caused by incorrect calculation of buffer length when processing specially crafted WINS network packets. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts. WINS Integer Overflow Vulnerability - CVE-2009-1924 A remote code execution vulnerability exists in the default configuration of the Windows Internet Name Service (WINS) due to insufficient validation of data structures within specially crafted WINS network packets received from a trusted WINS replication partner. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================