QID 91911
Date Published: 2022-06-15
QID 91911: Microsoft Windows Network File System (NFS) Remote Code Execution (RCE) Vulnerability for June 2022
Microsoft Windows Network File System is vulnerable to Remote Code Execution Vulnerability.
This vulnerability is not exploitable in NFSV2.0 or NFSV3.0.
The KB Articles associated with the update are:
5014692
5014702
5014738
5014741
5014746
5014747
QID Detection Logic (Authenticated):
This QID checks for the file version of nfssvr.sys.
An attacker could send a specially crafted NFS protocol network message to a vulnerable Windows machine, which could enable remote code execution.
Solution
Please refer to the CVE-2022-30136 for more information pertaining to these vulnerabilities.
Workaround:
The following PowerShell command will disable the affected versions:
PS C:\Set-NfsServerConfiguration -EnableNFSV4 $false
Vendor References
- CVE-2022-30136 -
msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30136
CVEs related to QID 91911
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| 5014692 |
support.microsoft.com/en-in/help/5014692 |
||
| 5014702 |
support.microsoft.com/en-in/help/5014702 |
||
| 5014738 |
support.microsoft.com/en-in/help/5014738 |
||
| 5014741 |
support.microsoft.com/en-in/help/5014741 |
||
| 5014746 |
support.microsoft.com/en-in/help/5014746 |
||
| 5014747 |
support.microsoft.com/en-in/help/5014747 |