Credit:
The information has been provided by Microsoft and Matthieu Suiche.
The original article can be found at: http://www.microsoft.com/technet/security/bulletin/ms09-050.mspx
Vulnerable Systems:
* Windows Vista
* Windows Vista x64 Edition
* Windows Server 2008
* Windows Server 2008 for x64-based Systems
* Windows Server 2008 for Itanium-based Systems
Immune Systems:
* Windows Server 2008 R2 for x64-based Systems
* Windows Server 2008 R2 for Itanium-based Systems
This security update resolves one publicly disclosed and two privately reported vulnerabilities in Server Message Block Version 2 (SMBv2). The most severe of the vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB packet to a computer running the Server service. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate from outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
This security update is rated Critical for supported editions of Windows Vista and Windows Server 2008. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerabilities by correctly validating the fields inside the SMBv2 packets, correcting the way that SMB handles the command value in SMB packets, and correcting the way that SMB parses specially crafted SMB packets. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
Patch Availability:
http://go.microsoft.com/fwlink/?LinkID=40747
CVE Information:
CVE-2009-2526
CVE-2009-2532
CVE-2009-3103