Microsoft XML Parser MSXML and XML Core Services Unsupported
This page details vulnerabilities associated with unsupported versions of Microsoft XML Parser (MSXML) and XML Core Services. MSXML and XML Core Services provide standards-based implementations of XML technologies including XML 1.0, XML Schema (XSD), XSLT 1.0, and others. Unsupported versions no longer receive security updates or technical support, making them susceptible to various security threats.
- Severity: Medium to High
The use of unsupported MSXML and XML Core Services can lead to multiple security vulnerabilities, exposing systems to:
- Data Breaches: Exploiting vulnerabilities in XML processing can allow unauthorized access to confidential data.
- Denial of Service Attacks: Flaws in XML parsing can be exploited to cause service disruptions.
- Remote Code Execution: Older, unsupported versions may contain unpatched vulnerabilities that could allow attackers to execute arbitrary code.
The core issue arises from the continued use of outdated software versions that no longer receive security patches or updates. As new vulnerabilities are discovered and not fixed in these versions, the risk of exploitation increases.
To mitigate the risks associated with outdated MSXML and XML Core Services, upgrading to the latest supported versions is essential.
- Identify Current Versions in PowerShell:

```powershell
Get-WmiObject -Query "SELECT * FROM Win32_Product WHERE Name LIKE '%MSXML%'"
```
- Download and install the latest supported MSXML version (e.g., MSXML 6.0 Service Pack 1).
- Configure XML Security: Apply security best practices for XML processing, such as disabling external entity processing and limiting XML expansion to prevent Billion Laughs attacks.
- Regular System Audits: Conduct regular audits to ensure unsupported software is identified and updated.
- Patch Management: Implement a robust patch management policy to ensure all software, especially critical components like XML processors, are kept up-to-date.
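The identification and hardening steps above, carried out in PowerShell, as an added example that is not part of the original page: it reads MSXML DLL versions directly from the system directories and then checks that an MSXML 6.0 parser configured with DTD processing and external resolution disabled rejects a document that declares an entity. It assumes Windows PowerShell with the MSXML 6.0 COM component present; the support-status table is an assumption for illustration, to be confirmed against Microsoft's lifecycle data.

```powershell
# Added example (not from the original page): inventory MSXML DLLs and verify a
# hardened MSXML 6.0 parser configuration. Assumes Windows PowerShell and the
# MSXML 6.0 COM component. The status table is an assumption for illustration;
# confirm lifecycle status with Microsoft before acting on it.
$MsxmlStatus = @{
    'msxml.dll'  = 'Unsupported (MSXML 2.x)'
    'msxml2.dll' = 'Unsupported (MSXML 2.x)'
    'msxml3.dll' = 'Supported (serviced as a Windows component)'
    'msxml4.dll' = 'Unsupported (MSXML 4.0, end of life)'
    'msxml5.dll' = 'Unsupported (MSXML 5.0, shipped with Office)'
    'msxml6.dll' = 'Supported (MSXML 6.0)'
}

function Get-MsxmlInventory {
    # Read the file version straight from each msxml*.dll in both system
    # directories; Win32_Product only lists MSI packages and triggers an MSI
    # consistency check, so it misses OS-shipped copies.
    $dirs = @("$env:SystemRoot\System32", "$env:SystemRoot\SysWOW64") | Where-Object { Test-Path $_ }
    foreach ($dir in $dirs) {
        Get-ChildItem -Path $dir -Filter 'msxml*.dll' -ErrorAction SilentlyContinue | ForEach-Object {
            $name = $_.Name.ToLower()
            $status = if ($MsxmlStatus.ContainsKey($name)) { $MsxmlStatus[$name] } else { 'Unknown' }
            [pscustomobject]@{
                Path    = $_.FullName
                Version = $_.VersionInfo.FileVersion
                Status  = $status
            }
        }
    }
}

function Test-HardenedMsxmlParse {
    # Constructed sample: a document with an internal DTD entity. With DTDs
    # prohibited and external resolution off, MSXML 6.0 must reject it.
    $xml = '<!DOCTYPE d [<!ENTITY e "x">]><d>&e;</d>'
    $doc = New-Object -ComObject 'Msxml2.DOMDocument.6.0'
    $doc.async = $false
    $doc.resolveExternals = $false          # never fetch external DTDs or entities
    $doc.setProperty('ProhibitDTD', $true)  # refuse any DOCTYPE, blocking entity expansion
    $loaded = $doc.loadXML($xml)
    $reason = if ($loaded) { '' } else { $doc.parseError.reason.Trim() }
    [pscustomobject]@{
        Accepted = $loaded
        Reason   = $reason
    }
}

Get-MsxmlInventory | Format-Table -AutoSize
Test-HardenedMsxmlParse
```

A hardened configuration reports Accepted = False with a parse error reason naming the prohibited DTD; any unsupported entry in the inventory is a candidate for removal or upgrade.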
XML Configuration for Security in .NET:

```xml
<configuration>
  <runtime>
    <!-- Restrict assembly probing to the lib and bin subdirectories of the
         application base, so the runtime does not load assemblies from
         other locations when resolving references. -->
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <probing privatePath="lib;bin"/>
    </assemblyBinding>
  </runtime>
</configuration>
```