Home / bulletins MS11-042 - Critical: Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512) - Version:1.1
Posted on 15 June 2011
There is an newer version: MS11-042 - Version: 1.1
CriticalSeverity Rating: Critical - Revision Note: V1.1 (June 14, 2011): Moved Windows 7 for 32-bit Systems Service Pack 1, Windows 7 for x64-based Systems Service Pack 1, Windows Server 2008 R2 for x64-based Systems Service Pack 1, and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 from the affected software table to the non-affected software table. This is an informational change only. There were no changes to the security update files or detection logic.Summary: This security update resolves two privately reported vulnerabilities in the Microsoft Distributed File System (DFS). The more severe of these vulnerabilities could allow remote code execution when an attacker sends a specially crafted DFS response to a client-initiated DFS request. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
Other versions
- MS11-042 - Version: 1.0
- MS11-042 - Version: 1.1
- MS11-042 - Version: 1.1