Workaround for the vulnerability in the Indexing Service that could allow remote code execution

This article has been archived. It is offered "as is" and will no longer be updated.
INTRODUCTION
A vulnerability in the Indexing Service could allow remote code execution. This vulnerability involves specially formed queries that are longer than 62 characters. Security update 871250 addresses this vulnerability. This article describes a technique that will help prevent an attacker from trying to exploit this vulnerability on computers that do not have security update 871250 applied.
MORE INFORMATION

The operating system software development kit (SDK) includes sample code (Query.asp) for querying the Indexing Service. Query.asp uses Microsoft Internet Information Services (IIS) and the Indexing Service's IXSSO query object. The query-length check in the following example (the "if SrchStrLen > 60" block, shown in bold in the original article) is additional code that can be added to Query.asp to limit query length. This additional code will help prevent attempts to exploit this vulnerability. You can update other operating system SDK sample query pages in a similar manner.

    ' Drop a trailing double quote so the truncated query stays well formed
    if right(SearchString, 1) = chr(34) then
            SrchStrLen = SrchStrLen-1
            SearchString = left(SearchString, SrchStrLen)
    end if
    SrchStrLen = len( SearchString )
    ' Added code: cap the query at 60 characters, below the 62-character
    ' threshold that triggers the vulnerability
    if SrchStrLen > 60 then
            SrchStrLen = 60
            SearchString = left( SearchString, 60 )
    end if
    ' Wrap simple queries in freetext tags; advanced queries are passed through
    if Advanced <> "on" then
      CompSearch = "{freetext} " & SearchString & "{/freetext}"
    else
      CompSearch = SearchString
    end if
    set Q = Server.CreateObject("ixsso.Query")
    set Util = Server.CreateObject("ixsso.Util")
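
The length limit above stops over-long queries at the page; a complementary check is to look for them in the IIS logs of servers that have not yet applied 871250. The following is an added example, not code from the article or from the SDK sample. It assumes IIS W3C extended logging with a "#Fields:" header and assumes the query text arrives in a parameter named "qu" (the field name is a placeholder; match it to your query page). Only GET requests expose the query in the log; POST bodies are not recorded.

```python
from urllib.parse import parse_qs

QUERY_PARAM = "qu"   # assumed parameter name; adjust to your query page
MAX_SAFE_LEN = 62    # the article: queries longer than 62 characters are the trigger


def parse_w3c(lines):
    """Yield one dict per log record, keyed by the latest '#Fields:' header."""
    fields = []
    for line in lines:
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if fields and len(parts) == len(fields):
            yield dict(zip(fields, parts))


def query_length(uri_query):
    """Decoded length of the longest QUERY_PARAM value, or 0 if absent."""
    if uri_query == "-":
        return 0
    values = parse_qs(uri_query, keep_blank_values=True).get(QUERY_PARAM, [])
    return max((len(v) for v in values), default=0)


def find_oversized(lines):
    """Return (client_ip, uri_stem, query_length) for requests over the limit."""
    hits = []
    for rec in parse_w3c(lines):
        if not rec.get("cs-uri-stem", "").lower().endswith("query.asp"):
            continue
        n = query_length(rec.get("cs-uri-query", "-"))
        if n > MAX_SAFE_LEN:
            hits.append((rec["c-ip"], rec["cs-uri-stem"], n))
    return hits


# Constructed sample log lines (not real traffic): one normal query,
# one 70-character query, and one unrelated request.
SAMPLE_LOG = [
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2005-01-12 10:15:01 10.0.0.5 GET /samples/query.asp qu=quarterly+report&ct=10 200",
    "2005-01-12 10:15:07 10.0.0.9 GET /samples/Query.asp qu=" + "A" * 70 + "&ct=10 500",
    "2005-01-12 10:15:09 10.0.0.5 GET /default.htm - 200",
]

if __name__ == "__main__":
    for ip, stem, n in find_oversized(SAMPLE_LOG):
        print(f"{ip} sent a {n}-character query to {stem}")
```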

For additional information about security update 871250, click the following article number to view the article in the Microsoft Knowledge Base:
871250 MS05-003: Vulnerability in the Indexing Service could allow remote code execution
Properties

Article ID: 890621 - Last Review: 01/16/2015 15:30:08 - Revision: 1.3

  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Home Edition SP1
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Professional SP1