Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||Vulnerability in Windows Active Directory, Vulnerabilidad en Windows Active Directory|
It is a critical vulnerability in the Windows Active Directory on Windows 2003/2000, which allows hackers to gain remote control of the affected computer or to launch denial of service attacks.
|First detected on:||July 11, 2007|
|Detection updated on:||July 11, 2007|
MS07-039 is not categorized as virus, worm, Trojan or backdoor. It is a critical vulnerability in the Windows Active Directory on Windows 2003/2000, which allows arbitrary code to be remotely executed and denial of service attacks to be launched.
The addressed vulnerabilities are:
- Windows Active Directory vulnerability: a remote code execution that allows hackers to gain remote control of the affected computer with the same privileges as the logged on user.
This vulnerability is usually exploited by sending a specially crafted network packet to the vulnerable system. However, in order to exploit it on Windows Server 2003, the attacker must be authenticated.
- Windows Active Directory vulnerability: a denial of service vulnerability, which could cause the affected system to stop responding.
This vulnerability is usually exploited by sending a specially crafted request to a vulnerable system.
Additionally, though attacks can be launched across the Internet, a firewall could be used in order to prevent those attacks.
If you have Windows 2003/2000, it is recommended to download and apply the security patch for this vulnerability. Click here to access the web page for downloading the patch.