Article ID: 810577 - Last Review: December 1, 2007 - Revision: 7.3

MS03-005: Unchecked buffer in Windows redirector may permit privilege elevation

View products that this article applies to.

On This Page

Expand all | Collapse all

SYMPTOMS

The Windows Redirector is used by Windows-based clients to gain access to files (local or remote), no matter which underlying network protocol is in use. For example, you can use the Add a Network Place Wizard or the net use command to map a network share as a local drive. In either case, the Windows Redirector handles the routing of information to and from the network share.

A security vulnerability exists in the implementation of the Windows Redirector on Windows XP. This vulnerability is caused by an unchecked buffer that is used to receive parameter information. By providing malformed data to the Windows Redirector, an attacker might cause Windows to stop working. Or, if the data is crafted in a particular way, might permit the attacker to run code.
Back to the top

RESOLUTION

Service pack information

To resolve this problem, obtain the latest service pack for Windows XP. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
322389  (http://support.microsoft.com/kb/322389/ ) How to obtain the latest Windows XP service pack
Back to the top

Update Information

The following files are available for download from the Microsoft Download Center:

Windows XP Home Edition, Windows XP Professional, Windows XP Tablet PC Edition, Windows XP Media Center Edition
All languages:
Collapse this imageExpand this image
Download
Download the 810577 package now (http://microsoft.com/downloads/details.aspx?FamilyId=33DABD1F-505E-48ED-B9BD-CDAC0F8A2BC1&displaylang=en)
Windows XP 64-Bit Edition
All languages:
Collapse this imageExpand this image
Download
Download the 810577 package now (http://microsoft.com/downloads/details.aspx?FamilyId=A2258F4E-9A69-4537-9469-0DDEB4BB76F8&displaylang=en)
Release Date: December 11, 2002

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591  (http://support.microsoft.com/kb/119591/ ) How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
Back to the top

Installation Information

You can apply this update to the released version of Windows XP, or to Windows XP Service Pack 1 (SP1). You must restart your computer after you apply this update. This update supports the following Setup switches:
  • /? : Display the list of installation switches.
  • /u : Use unattended mode.
  • /f : Force other programs to quit when the computer shuts down.
  • /n : Do not back up files for removal.
  • /o : Overwrite OEM files without prompting.
  • /z : Do not restart when installation is complete.
  • /q : Use Quiet mode (no user interaction).
  • /l : List installed hotfixes.
  • /x Extract the files without running Setup.
For example, to install the update without any user intervention, and then not to force the computer to restart, use the following command:
q810577_wxp_sp2_x86_enu /u /q /z
Warning Your computer is vulnerable until you restart it.
Back to the top

File information

The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Windows XP Home Edition and Windows XP Professional

   Date         Time   Version        Size     File name
   --------------------------------------------------------------------------------
   18-Nov-2002  16:27  5.1.2600.106  392,576  %Windir%\System32\Drivers\Mrxsmb.sys

Windows XP Home Edition SP1, Windows XP Professional SP1, Windows XP Tablet PC Edition, and Windows XP Media Center Edition

   Date         Time   Version            Size    File name
   --------------------------------------------------------------
   18-Nov-2002  16:27  5.1.2600.1143     392,576  %Windir%\System32\Drivers\Mrxsmb.sys

Windows XP 64-Bit Edition

  Date         Time   Version        Size        File name
   ----------------------------------------------------------------------------------
   18-Nov-2002  16:17  5.1.2600.106   1,237,376  %Windir%\System32\Drivers\Mrxsmb.sys

Windows XP 64-Bit Edition SP1

  Date         Time   Version            Size     File name
   --------------------------------------------------------------
   18-Nov-2002  16:28  5.1.2600.1143   1,236,864  Mrxsmb.sys
Back to the top

STATUS

Microsoft has confirmed that this problem may cause a degree of security vulnerability in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Microsoft Windows XP Service Pack 2.
Back to the top

MORE INFORMATION

For more information about this vulnerability, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/bulletin/MS03-005.mspx (http://www.microsoft.com/technet/security/bulletin/MS03-005.mspx)
Back to the top
APPLIES TO
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Media Center Edition
  • Microsoft Windows XP Tablet PC Edition
  • Microsoft Windows XP Professional x64 Edition
Back to the top
Keywords: 
kbbug kbfix kbsecvulnerability kbsecurity kbwinxpsp2fix kbsecbulletin kbwinxppresp2fix atdownload KB810577
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations