| VID |
26127 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (KB893086) for 'Vulnerability in Windows Shell' has not been applied. Microsoft Windows 2000, XP and Server 2003 are vulnerable to a vulnerability that may allow remote attackers to execute code through the Windows Shell. The cause of the vulnerability is related to how the operating system handles unregistered file types. The specific issue is that files with an unknown extension may be opened with the application specified in the embedded CLSID.
The victim of the attack would be required to open a malicious file, possibly hosted on a Web site or sent through email. Social engineering would generally be required to entice the victim into opening the file.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/MS05-016.mspx
* Platforms Affected:
Microsoft Windows 2000 Any version SP 4
Microsoft Windows XP Any version SP 2
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003 |
| Recommendation |
Apply the appropriate patch (KB893086) for your system, as listed in Microsoft Security Bulletin MS05-016 at http://www.microsoft.com/technet/security/bulletin/ms05-016.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2005-0057 (CVE) |
| Related URL |
12479 (SecurityFocus) |
| Related URL |
19110 (ISS) |
|
