Vulnerabilities in Windows Services for UNIX and the Subsystem for UNIX-based Applications (SUA) could allow for remote code execution

Symptoms

On a Windows Server 2008-based computer or on a computer that has Windows Services for UNIX and the Subsystem for UNIX-based Applications (SUA) installed, the following gzip libraries contain vulnerabilities that could allow for execution of malicious code:

  • unlzh.c
  • unpack.c

Resolution

A supported hotfix is now available from Microsoft. However, it is intended to correct only the problem that is described in this article. Apply it only to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

To resolve this problem immediately, contact Microsoft Customer Support Services to obtain the hotfix. For a complete list of Microsoft Customer Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.
The English (United States) version of this hotfix package has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
Subsystem for UNIX-based Applications - x86 version:
File name FolderFile versionFile sizeDateTime
gunzipsvr-5\bin\gunzip9.0.3790.2076126,97627-May-0823:12
gzipsvr-5\bin\gunzip9.0.3790.2076126,97627-May-0823:11
gunzipusr\contrib\bin\gunzip9.0.3790.2076176,64027-May-0822:48
gzipusr\contrib\bin\gunzip9.0.3790.2076176,64027-May-0822:48
packusr\contrib\bin\gunzip9.0.3790.2076176,64027-May-0822:48
pcatusr\contrib\bin\gunzip9.0.3790.2076176,64027-May-0822:48
unpackusr\contrib\bin\gunzip9.0.3790.2076176,64027-May-0822:48
Subsystem for UNIX-based Applications - x64 version:
File name FolderFile versionFile sizeDateTime
gunzipsvr-5\bin\gunzip9.0.3790.2076126,97627-May-0823:12
gzipsvr-5\bin\gunzip9.0.3790.2076126,97627-May-0823:11
gunzipusr\contrib\bin\gunzip9.0.3790.2076162,30427-May-0822:47
gzipusr\contrib\bin\gunzip9.0.3790.2076162,30427-May-0822:47
packusr\contrib\bin\gunzip9.0.3790.2076162,30427-May-0822:47
pcatusr\contrib\bin\gunzip9.0.3790.2076162,30427-May-0822:47
unpackusr\contrib\bin\gunzip9.0.3790.2076162,30427-May-0822:47
Windows Services for Unix 3.5 version:
File nameFile versionFile sizeDateTime
gunzip8.0.1969.62134,65627-May-0821:11
gzip8.0.1969.62134,65627-May-0821:11
pack8.0.1969.62134,65627-May-0821:11
pcat8.0.1969.62134,65627-May-0821:11
unpack8.0.1969.62134,65627-May-0821:11
Windows Services for Unix 3.0 version:
File nameFile versionFile sizeDateTime
gunzip7.0.1701.48130,048 27-May-0820:26
gzip7.0.1701.48130,048 27-May-0820:26
pack7.0.1701.48130,048 27-May-0820:26
pcat7.0.1701.48130,048 27-May-0820:26
unpack7.0.1701.48130,048 27-May-0820:26

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Properties

Article ID: 953602 - Last Review: - Revision: 1

Feedback