Vulnerabilities in SMB Could Allow Remote Code Execution (958687): MS09-001
******PASTED FROM OFFICIAL SITE******
Executive Summary
This security update resolves two privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerabilities could allow remote code execution on affected systems. An attacker who successfully exploited these vulnerabilities could install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003, and Moderate for all supported editions of Windows Vista, and Windows Server 2008. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerabilities by validating the fields inside the SMB packets. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
Recommendation. Microsoft recommends that customers apply the update immediately.
Known Issues. None
******PASTED FROM OFFICIAL SITE******
- EF
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment