Microsoft Patch MS09-063
- From: DJ <DJ@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 12 Nov 2009 09:46:02 -0800
The advisory for 063 is confusing I am not sure what their reference to local
subnet means, later in the advisory they state:
How could an attacker exploit the vulnerability?
An attacker could try to exploit the vulnerability by sending a specially
crafted message to the WSD TCP ports 5357 or 5358 on an affected system.
Alternatively, an attacker could send a specially crafted response to a WSD
message querying for devices, when initiated by the Windows client. Note that
applications that use the WSDAPI may use ports other than TCP ports 5357 and
5358, which are the defaults
Can someone clarify this for me.