MORE INFORMATION

Remote Data Service (RDS) Vulnerability Described

Remote Data Service (RDS) is a known vulnerability that affects Microsoft Windows servers that are running Internet Information Server (IIS). This vulnerability allows a malicious remote user to use a Web browser to force a Windows server to return information from relational databases or to run system commands.

An intruder can also use the vulnerability to issue shell commands, which can be very destructive to the Web server. Because the RDS Datafactory Object is a part of Microsoft Data Access Components (MDAC), you can make the Web server run in Unsafe mode by running the Handunsf.reg file.

RDS Datafactory Object uses a handler to read information from the Registry about unrestricted (Unsafe mode) access. The registry file Handunsf.reg has been provided to set up the handler registry entries for an unrestricted configuration. As a result, by running Handunsf.reg, you can make the server run in unrestricted (Unsafe) mode.

Removed for Security Reasons

Because of the vulnerability described earlier, Handunsf.reg has been removed by the MDAC 2.8 Redist setup. This does not affect installing and using MDAC components because there are no dependencies on this file.

Versions Affected

Handunsf.reg file is removed by MDAC 2.8 Redist setup from Windows Server build 3692 and later versions.

Note: Administrators can still make the server run in Unsafe mode because they can still use msdfmap.handler and edit the .ini file.

MDAC Default Configurations

• MDAC version 2.1 and all later versions are, by default, configured to work in Safe Mode.
• MDAC 1.5 and 2.0 are, by default, configured to work in Unsafe Mode.
• When you upgrade to MDAC 2.1 from the earlier version, the default configuration is Unsafe Mode.
  

To work with Safe Mode, the following registry value has to be changed.