Fortiguard Labs Discovers Multiple Vulnerabilities In Microsoft Message Queuing Service
Fortinet News, Monday, July 24,2023
Over the last few months, FortiGuard Labs has discovered and reported multiple vulnerabilities found in the Microsoft Message Queuing (MSMQ) service.
Microsoft patched these vulnerabilities in the April and July 2023 security updates. These patches are rated as critical/important, and as always, we urge users to install them as soon as possible.
- Affected platforms: Windows
- Impacted parties: Microsoft Windows users with Microsoft Message Queuing service installed
- Impact: Remote code execution and denial-of-service
- Severity level: Critical and Important
In this post, we will walk through the attack surfaces of MSMQ, the approaches we took to tackle the challenges we encountered during fuzzing, and finally, we will provide details of the vulnerabilities.