Skip to content
1-888-762-8736(M-F 8:00am-5:00pm CST)
1-877-218-7353(M-F 8:00am-5:00pm CST)
href="http://www.trendmicro.com/us/enterprise/index.html" id="ENT-overview-test2" title="SEE ALL ENTERPRISE SOLUTIONS">Enterprise Overview
A remote code execution vulnerability has been found in Server Service.
Server Service provides RPC support, file and print support, and named pipe sharing over the network. It allows the sharing of local resources, such as disks and printers, so that they can be accessed over the network. It also allows named pipe communication between applications running computers on the network, which is used for RPC.
The vulnerability for the Server Service lies when the service receives an specially crafted RPC request, and then fails to validate this request while processing certain data. When exploited, this vulnerability can cause a stack overflow and can lead to code execution.
By sending a specially crafted message, remote malicious users can take complete control of an affected system and perform the following:
For information about the specific security update for your affected software, click the appropriate link:
TREND MICRO SOLUTION
Users of Trend Micro PC-cillin Internet Security and Network VirusWall can detect this exploit at the network layer with Network Virus Pattern (NVP) 10269, or later.
Download the latest NVW pattern file from the following site:
The workaround for this vulnerability can be found at:
Connect with us on
| | | |