Microsoft Warns of Virtual Machine Flaws

Information about exploits, how to use them, how to test for them, and new exploits.


Microsoft Warns of Virtual Machine Flaws

Postby dividmark » Mon Jun 02, 2008 11:32 pm

Microsoft warned users on Wednesday about two new security vulnerabilities affecting its Microsoft Virtual Machine, Microsoft Proxy Server 2.0, and Microsoft ISA Server 2000 products.

The Microsoft Virtual Machine (VM) contains a critical vulnerability that could allow a remote attacker to gain control of affected machines, according to security bulletin MS03-011.

The vulnerability, which occurs in code for a VM process called the ByteCode Verifier, could enable an attacker to use illegal sequences of byte codes to bypass security checks in the software, Microsoft said.

The ByteCode Verifier process is responsible for checking code as it is loaded into the Virtual Machine, the company said.

Attackers could launch an attack using a Java applet embedded in a Web page or HTML format e-mail message. Once compromised, a vulnerable machine could be used to run the attacker's code, though only with the permission of the active user account, Microsoft said.
Posts: 14
Joined: Wed May 28, 2008 9:23 pm

Re: Microsoft Warns of Virtual Machine Flaws

Postby matthewforu » Wed Aug 13, 2008 2:33 am

Thanks for Sharing this useful News.
Posts: 33
Joined: Thu Jun 19, 2008 5:21 am

Return to Software Exploits

Who is online

Users browsing this forum: No registered users and 2 guests