KB971032

UpdatesDescription: This security update resolves a privately reported vulnerability in the Windows Message Queuing Service (MSMQ). The vulnerability could allow elevation of privilege if a user received a specially crafted request to an affected MSMQ service. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually install the Message Queuing component are likely to be vulnerable to this issue. The security update addresses the vulnerability by modifying the way that the MSMQ service validates input data before passing the data to the allocated buffer.

Update type: Important

Release date: August 11, 2009

Applies to: All versions

Knowledge base: http://support.microsoft.com/kb/971032

Download link: 32-bit | 64-bit

Comments:Here are the specifics on the vulnerabilities covered by this update:

Leave a Reply