image credit: Adobe Stock

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks

July 26, 2023

Two of these flaws, tracked as CVE-2023-21554 and CVE-2023-28302, could lead to remote code execution (RCE) and denial-of-service (DoS) and were addressed by Microsoft with its April 2023 Patch Tuesday updates. No CVE identifier has been provided for the third issue.

A proprietary messaging protocol, MSMQ supports communication between applications running on separate systems. It places messages that did not reach their destination in a queue and resends them as soon as the destination becomes reachable.

Read More on SecurityWeek