• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Virtual PC and Virtual Server Heap Overflow Vulnerability

Solution:
Microsoft released security bulletin MS07-049 and fixes to address this issue.

Update Nov 13, 2007: The vendor has released security bulletin MS07-049 stating that previous updates did not correctly install in certain situations. Users are advised to install the latest available updates.

Please see the referenced bulletin for more information.


Microsoft Virtual PC 2004 SP1

• Microsoft Security Update for Microsoft Virtual PC 2004 SP1 (KB937986)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=17ffe5a2-3551 -4858-93b6-5e25af87d808&displaylang=en

Microsoft Virtual Server 2005 Enterprise Edition R2

• Microsoft Security Update for Microsoft Virtual Server 2005 R2 - Enterprise edition (KB937986)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=c2fc16c4-1fb0 -4c09-b04a-684b40df8517&displaylang=en

Microsoft Virtual Server 2005 Standard Edition 0

• Microsoft Security Update for Microsoft Virtual Server 2005 - Standard edition (KB937986)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=bc02ea6d-2884 -4637-9894-3413a71329ee&displaylang=en

Microsoft Virtual PC 2004 0

• Microsoft Security Update for Microsoft Virtual PC 2004 (KB937986)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=cbdeaa50-7115 -4673-97c4-10009f9c5c42&displaylang=en

Microsoft Virtual Server 2005 Standard Edition R2

• Microsoft Security Update for Microsoft Virtual Server 2005 R2 - Standard edition (KB937986)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=43fa1327-8e5e -4c92-901f-1ff2a0a087b4&displaylang=en

Microsoft Virtual PC for Mac 7

• Microsoft Microsoft Virtual PC for Mac 7.0.3 Update
  http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac /download/MISC/VPC703.xml&secid=100&ssid=3&flgnosysreq=True

Microsoft Virtual Server 2005 Enterprise Edition 0

• Microsoft Security Update for Microsoft Virtual Server 2005 - Enterprise edition (KB937986)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=da474b6f-9f0c -43f6-b432-050f7e76967d&displaylang=en