Windows DNS Client – Memory Corruption Vulnerabilities

Bishop Fox high risk vulnerabilities security advisory

Share

Patch Date:

October 10, 2017

Reported Date:

March 7, 2017

Vendor

Microsoft Corporation

Systems Affected

Windows 8 through Windows 10, and Windows Server 2012 through 2016.

Summary

High-risk memory corruption vulnerabilities in the Windows DNS client could lead to the compromise of a device or system. These issues relate to insufficient validation of data during the parsing of NSEC3 DNS Resource Records (RRs), resulting in corruption of the affected application's heap. If fully exploited, these vulnerabilities would enable an attacker to execute arbitrary code on the target host, and subsequently gain full administrative control of the affected host.

Vendor Status

The vulnerabilities were remediated in CVE-2017-11779 as part of Microsoft's October Patch Tuesday update.

Disclosure Timeline

  • March 7, 2017: Issue initially reported to Microsoft
  • March 8, 2017: Microsoft confirms receipt of report, case opened
  • March 9, 2017: Microsoft confirms vulnerability and that they are working on a fix
  • April 27, 2017: Bishop Fox requests status update
  • May 2, 2017: Microsoft provides update that triage is still in process, with no ETA
  • May 12, 2017: Microsoft advises an August release date
  • June 26, 2017: Microsoft advises that due to unforeseen circumstances, the release is pushed back to October
  • October 10, 2017: Patch released

Researcher

Nick Freeman of Bishop Fox

Vulnerability Details

Please refer to the technical write-up at the Bishop Fox blog.


Default fox headshot purple

About the author, Nick Freeman

Security Researcher

Nick Freeman is a security researcher. He was formerly a consultant at Bishop Fox.
More by Nick

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.