Category: Microsoft|May 7, 2019 | Author: Admin

Multiple Vulnerabilities In Microsoft Server Infrastructure Allows Arbitrary Code Execution

Share on

Researchers have discovered numerous vulnerabilities in Microsoft server. These vulnerabilities, upon exploit, could threaten the integrity and confidentiality of the systems. Two of these vulnerabilities could even allow arbitrary code execution.

microoft-bug.jpg

Researchers have discovered numerous vulnerabilities in Microsoft servers. These vulnerabilities, upon exploit, could threaten the integrity and confidentiality of the systems. Two of these vulnerabilities could even allow arbitrary code execution.

 

Vulnerabilities In Microsoft Server Infrastructure
Recently, researchers at Swascan have found multiple security vulnerabilities affecting the Microsoft server infrastructure. These vulnerabilities could lead to varying results. They have allegedly discovered several flaws, two of which could result in arbitrary code execution.

 

As stated in their blog post, the Swascan team has spotted five different security flaws.

 

Swascan identified 5 vulnerabilities related to Microsoft’s server infrastructure. If exploited, these weaknesses could have easily impacted the system’s integrity, availability, and confidentiality.

 

These include two vulnerabilities with high severity, a single medium severity flaw, and two low severity bugs.

 

Although, they haven’t explicitly disclosed the actual vulnerabilities. They have hinted about the flaws via CWE (Common Weakness Enumeration) types. As deduced from the description, the vulnerabilities predominantly include code injection and improper restrictions of operations within the bounds of memory, and information disclosure flaws. The initial two flaws could lead to arbitrary code execution.

 

Microsoft Patched The Flaws
Upon discovering the security flaws, Swascan team approached the Microsoft team to alert them of the flaws in Microsoft’s IT infrastructure. Together, they both worked to resolve the issues. Nonetheless, neither Microsoft nor the researchers disclosed the details about the existence and the technicalities of the flaws.

 

Swascan appreciated the professional handling of this matter by Microsoft experts.

 

Microsoft’s focus on our findings, along with email exchanges and evaluations were among the most serious, professional and transparent collaborations.

 

The Swascan co-founder, Pierguido Iezzi, also emphasized the importance of close collaboration between security experts and vendors.

 

Let us know your thoughts about the article in the comments section below

Sponsored Ads:

Comments:


Project-Taara-1155x770.webp

Sent 700tb over 4 km of laser technology

Category: IT|Sep 18, 2021 | Author: Admin
Fiber.jpg

'Massive' transatlantic data cable landed on beach in Bude

Category: Google|Sep 17, 2021 | Author: Admin
Discord.png

YouTube shuts down Discord music bot ‘Rythm’

Category: Google|Sep 16, 2021 | Author: Admin
Facebook.webp

Facebook's secret rules differentiate between the "elite" and most people

Category: General|Sep 15, 2021 | Author: Admin
Apple.webp

Apple suddenly had to crisis-update the iPhone and Mac

Category: Apple|Sep 14, 2021 | Author: Admin
Epic.webp

Epic is blocked forever on all Apple platforms

Category: Apple|Sep 13, 2021 | Author: Admin
Desktop-Screenshot.png

NVIDIA To Launch GeForce RTX 30 SUPER ‘Ampere Refresh’ In January 2022, GeForce RTX 40 ‘Ada Lovelace’ GPUs in October 2022

Category: General|Sep 12, 2021 | Author: Admin
chrome-os-secret-weapon-100856418-large.jpg

3 smart shortcuts for a curiously hidden Chrome OS command

Category: Google|Sep 11, 2021 | Author: Admin
sunset-gold-iphone-13-render.png

iPhone 13 unveiled in Ukraine

Category: Apple|Sep 10, 2021 | Author: Admin
iCloud.jpg

Apple brings iCloud passwords to Windows, Microsoft's Edge

Category: Apple|Sep 9, 2021 | Author: Admin
AI.webp

AI will determine if you are allowed to drive

Category: General|Sep 8, 2021 | Author: Admin
TPM.png

The game is now blocking unsupported Windows 11 machines

Category: IT|Sep 7, 2021 | Author: Admin
Tech.png

US court rejects patent applications from AIs

Category: General|Sep 6, 2021 | Author: Admin
black.png

Facebook apologizes: their AI tagged video of black men as 'Primates'

Category: General|Sep 5, 2021 | Author: Admin
Apple.png

Apple postpones abuse monitoring after massive criticism

Category: Apple|Sep 4, 2021 | Author: Admin
more