|
|
|
Vulnerability Note VU#520465Microsoft SMBv2 signing vulnerabilityOverviewA vulnerability in the way Microsoft Server Message Block Version 2 (SMBv2) implements digital signing of packets may allow a remote, unauthenticated attacker to gain local user privileges and execute arbitrary code.I. DescriptionMicrosoft Server Message Block (SMB) Protocol is a network file sharing protocol used by default on Windows based computers. SMBv2 is supported on computers running Windows Server 2008 and Windows Vista. SMBv2 packet signing - used over all SMB communications - is critical for enabling recipients to verify the source and authenticity of the packet. A flaw exists in the way SMBv2 implements packet signing which may allow an attacker to modify a packet in transit, gain local user access to the system and execute arbitrary code.II. ImpactA remote, unauthenticated attacker may be able to execute arbitrary code with local user privileges on an affected system.III. SolutionMicrosoft has published Microsoft Security Bulletin MS07-063 in response to this issue. Users are strongly encouraged to review this bulletin and apply the referenced patches.In addition to the patches referenced above, Microsoft has published workarounds for this issue. Users who are unable to apply the patches are strongly encouraged to implement these workarounds as appropriate.
References
This vulnerability was reported by the vendor. This document was written by Joseph W. Pruszynski.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
Get Adobe Reader