Microsoft Patches Critical MSMQ Vulnerability

MSMQ RCE Vulnerability Fixed in Patch Tuesday, Update Now
Microsoft reports about fixing a critical flaw in the latest update pack

In the latest Patch Tuesday, on June 11, 2024 Microsoft disclosed fixing a substantial number of flaws, including a remote code execution vulnerability in Microsoft Message Queuing (MSMQ). It plagues the selection of Windows and Windows Server versions, including ones that reached end of life to the moment. At the time, no exploitation facts were detected, though it is always the matter of time for this to happen after the official disclosure.

Critical MSMQ RCE Vulnerability Fixed

In the second Patch Tuesday of July 2024, Microsoft reported about fixing 51 vulnerabilities. Among them, one particular flaw draws attention, mainly due to the excessively high CVSS rating of 9.8. The flaw in MSMQ affects a huge selection of Windows and Windows Server versions, starting from Windows Server 2008.

Vulnerability coined CVE-2024-30080 sits in the way MSMQ server handles the messages. Due to an improper behavior of the memory used in the request handling, it is possible to make the server run the code from the message. Message Queuing system is a built-in Windows messaging protocol that allows communication between applications that are running on different machines in the same network. A hacker can send a specially crafted message, that will force MSMQ on the receiving end to execute code, ingrained into the message.

Remote code execution flaws are among the most severe vulnerabilities, due to the variety of effects they can lead to. This one, however, has its severity buffed even more due to how easy it can be exploited. Adversaries do not need any authentication, so CVE-2024-30080 may easily become an entry point. Even though there are no known exploitation cases, as I’ve said in the introduction, they will likely appear – and even Microsoft acknowledges this.

Microsoft Releases Fixes for CVE-2024-30080

As the vulnerability was disclosed within the course of a Patch Tuesday, it immediately got a fix. Microsoft offers an update to all affected Windows versions, even ones that have already reached end of life. For consumer versions, they start from Windows 10 1607 – one of the earliest major updates to W10.

Updates where MSMQ flaw fixed
List of updates for consumer Windows editions that contain a fix for MSMQ vulnerability

How dangerous is it for home users? Not really. MSMQ is an optional feature that system administrators will activate during the setup of the messaging system. It is not likely for home users to have this thing present in the system in any way. However, this may not be true for someone who moved their office workstation home, keeping all the settings unchanged. In any case, installing security updates for Windows as they appear is a good practice.

By Stephanie Adlam

I write about how to make your Internet browsing comfortable and safe. The modern digital world is worth being a part of, and I want to show you how to do it properly.

Leave a comment

Your email address will not be published. Required fields are marked *