all InfoSec news
QueueJumper: Critical Unauthenticated RCE Vulnerability in MSMQ Service
Malware Analysis, News and Indicators - Latest topics malware.news
Executive Summary
Check Point Research recently discovered three vulnerabilities in the “Microsoft Message Queuing” service, commonly known as MSMQ. These vulnerabilities were disclosed to Microsoft and patched in the April Patch Tuesday update. The most severe of these, dubbed QueueJumper by CPR (CVE-2023-21554), is a critical vulnerability that could allow unauthenticated attackers to remotely execute arbitrary code in the context of the Windows service process mqsvc.exe.
Check Point Research (CPR) is releasing this blog after the patch was implemented to …
april attackers awareness blog check check point code context critical critical vulnerability cve cve-2023-21554 defense executive insights malware analysis message microsoft mitigation msmq patch patch tuesday point process rce research service tuesday update vulnerabilities vulnerability windows