---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Pragmatic General Multicast Code Execution SECUNIA ADVISORY ID: SA21851 VERIFY ADVISORY: http://secunia.com/advisories/21851/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From local network OPERATING SYSTEM: Microsoft Windows XP Home Edition http://secunia.com/product/16/ Microsoft Windows XP Professional http://secunia.com/product/22/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows XP, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in the handling of PGM (Pragmatic General Multicast) messages and can be exploited via a specially crafted multicast message. Successful exploitation allows execution of arbitrary code, but requires that the MSMQ (Microsoft Message Queuing) service is installed (not installed by default). SOLUTION: Apply patch. Microsoft Windows XP SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=ce264ac4-6ca3-4732-9016-3143ff1bca2f PROVIDED AND/OR DISCOVERED BY: The vendor credits David Warden, NuPaper. ORIGINAL ADVISORY: MS06-052 (KB919007): http://www.microsoft.com/technet/security/Bulletin/MS06-052.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------