Category: Microsoft|May 7, 2019 | Author: Admin

Multiple Vulnerabilities In Microsoft Server Infrastructure Allows Arbitrary Code Execution

Share on

Researchers have discovered numerous vulnerabilities in Microsoft server. These vulnerabilities, upon exploit, could threaten the integrity and confidentiality of the systems. Two of these vulnerabilities could even allow arbitrary code execution.

Researchers have discovered numerous vulnerabilities in Microsoft servers. These vulnerabilities, upon exploit, could threaten the integrity and confidentiality of the systems. Two of these vulnerabilities could even allow arbitrary code execution.

 

Vulnerabilities In Microsoft Server Infrastructure
Recently, researchers at Swascan have found multiple security vulnerabilities affecting the Microsoft server infrastructure. These vulnerabilities could lead to varying results. They have allegedly discovered several flaws, two of which could result in arbitrary code execution.

 

As stated in their blog post, the Swascan team has spotted five different security flaws.

 

Swascan identified 5 vulnerabilities related to Microsoft’s server infrastructure. If exploited, these weaknesses could have easily impacted the system’s integrity, availability, and confidentiality.

 

These include two vulnerabilities with high severity, a single medium severity flaw, and two low severity bugs.

 

Although, they haven’t explicitly disclosed the actual vulnerabilities. They have hinted about the flaws via CWE (Common Weakness Enumeration) types. As deduced from the description, the vulnerabilities predominantly include code injection and improper restrictions of operations within the bounds of memory, and information disclosure flaws. The initial two flaws could lead to arbitrary code execution.

 

Microsoft Patched The Flaws
Upon discovering the security flaws, Swascan team approached the Microsoft team to alert them of the flaws in Microsoft’s IT infrastructure. Together, they both worked to resolve the issues. Nonetheless, neither Microsoft nor the researchers disclosed the details about the existence and the technicalities of the flaws.

 

Swascan appreciated the professional handling of this matter by Microsoft experts.

 

Microsoft’s focus on our findings, along with email exchanges and evaluations were among the most serious, professional and transparent collaborations.

 

The Swascan co-founder, Pierguido Iezzi, also emphasized the importance of close collaboration between security experts and vendors.

 

Let us know your thoughts about the article in the comments section below

Sponsored Ads:

Comments:


MediaTek shows the world’s first live demos of Wi-Fi 7 technology

Category: IT|Jan 22, 2022 | Author: Admin

iOS 15-hole leaked private Apple ID data to third-party apps

Category: Apple|Jan 21, 2022 | Author: Admin

Had to crisis-postpone new 5G standard in the US to avoid plane chaos

Category: IT|Jan 20, 2022 | Author: Admin

No one found out that the iPhone 13 is missing this until now

Category: Apple|Jan 19, 2022 | Author: Admin

Safari leaks your browser history

Category: General|Jan 18, 2022 | Author: Admin

Chromium Trouble - Can't change default search engine anymore

Category: Google|Jan 17, 2022 | Author: Admin

Here, developers are allowed by Apple to offer alternative payment methods

Category: Apple|Jan 16, 2022 | Author: Admin

Microsoft refuses to correct the error - took matters into its own hands

Category: Microsoft|Jan 15, 2022 | Author: Admin

Now Meta gets the authorities on its neck, again

Category: General|Jan 14, 2022 | Author: Admin

Has invested heavily in podcasts - now Spotify is closing down the studio

Category: General|Jan 13, 2022 | Author: Admin

Claims HomePod mini is on its way to Norway

Category: General|Jan 12, 2022 | Author: Admin

Linux gets the function everyone wants

Category: IT|Jan 11, 2022 | Author: Admin

Flasher RTX 3080 Ti with 3090 BIOS for extra efficient Ethereum mining

Category: General|Jan 10, 2022 | Author: Admin

Dice continues to destroy for himself: removed favorite from Battlefield 2042

Category: General|Jan 9, 2022 | Author: Admin

NBN Co applies fix to get hundreds of Sky Muster satellite services back online

Category: IT|Jan 8, 2022 | Author: Admin
more