Microsoft Security Bulletin MS09-040 – Vulnerability in Message Queuing Could Allow Elevation of Privilege

A new patch came out yesterday for MSMQ: MS09-040 Microsoft Security Bulletin MS09-040 – Important 971032 MS09-040: Vulnerability in Message Queuing could allow elevation of privilege If you are already on the latest service pack then you will be OK for Windows XP and Windows Vista; Windows Server 2008 (R1 and R2) and Windows 7 are also unaffected….


MSMQ and Federal Information Processing Standard (FIPS)

The United States Government has a couple of standards that provide a benchmark for implementing cryptographic software. These are: Federal Information Processing Standard 140-1 (FIPS 140-1)which was published in January 1994, and is superceded by… Federal Information Processing Standard 140-2 (FIPS 140-2)which was published in May 2001. To enable FIPS compliant algorithms in Windows 2003: In…


Current list of MSMQ hotfixes

[[Edited November 6th, 2009]]   I think it is always a good idea to keep on top of any changes to the products you are using and this includes knowing what hotfixes have been released since the latest service pack. To this end I’ve produced a table of the hotfixes available for MSMQ. Hotfixes are cumulative so…


Authenticated or encrypted MSMQ messages are rejected because of incorrect CSP name

There is a new hotfix released for MSMQ 3.0 on Windows XP to correct a problem where the certificate service provider name was not being written correctly to the message: FIX: A Message Queuing 3.0 message is rejected on the receiver when you send the message by using an external certificate from a Windows XP Service Pack 3-based computer…


How to get a list of installed hotfixes and updates

You can quickly collect this from the command prompt using WMIC (as long as you are using an operating system newer than Windows 2000). This command-line utility (Wmic.exe) is used to access Windows Management Instrumentation (WMI) and saves you having to write a script to gather information by means of WMI. Wmic.exe can only be used…


Microsoft Security Bulletin MS08-065 – MSMQ 2.0 vulnerability

This bulletin came out yesterday and only applies to Windows 2000. If you are still running systems using MSMQ 2.0 then please download and deploy the hotfix at your earliest convenience. This KB discusses the hotfix (build 951071  MS08-065: Vulnerability in Message Queuing could allow remote code execution The bulletin can be found in…


LSASS process can get into a spin with too many MSMQ messages

There’s a new KB article out (although the hotfix was produced last year): FIX: The Lsass.exe process may use a high percentage of CPU resources when you run Message Queuing on a domain controller with global catalog The following is taken from the KB:  SYMPTOMSConsider the following scenario. You are running Microsoft Message Queuing on a…


MSMQ is asynchronous on the inside too

There is a new Knowledgebase article out – although I use the term “new” with some reservation. The article refers to a hotfix that has since been included in service pack 2 which gives you an idea how old the content really is. FIX: Message Queuing 3.0 still accepts incoming messages from the network after…


Hotfix for when the Triggers service seems to act randomly in MSMQ 3.0

This KB: 937549 FIX: Random messages may not be processed, and duplicate messages may be processed by the trigger rule when you use the Message Queuing Triggers service to process messages in Message Queuing 3.0 is pretty irritating to me – there is so little content to help you understand what’s going wrong: In Microsoft Message…


The easy way to get hold of MSMQ hotfixes

This isn’t news but I thought I should highlight it in case its new to you. If you want a hotfix for a problem Microsoft has resolved in MSMQ (or in any other of their products) then you don’t need to phone in and raise a support request. You can instead use the Hotfix Request Web Submission…