Thu, Sep 17, 2009
Vista SMB2 Vulnerability Allows Remote Command Execution
A security vulnerability in Windows Vista, Server 2008, and Windows
7 RC has been discovered. A bug in SMB v2.0 (the part of Windows
that implements enhanced network shares) allows an attacker to create a
specially crafted network packet to run arbitrary commands on an affected
Windows machine. An
exploit of this bug has already been made public. Windows 2000, XP, and
the RTM (final) version of Windows 7 is not affected by this bug, but the
RC
(beta/testing) version of Windows 7 is apparently affected. Microsoft
has not yet released a fix, but has published some workarounds at
http://www.microsoft.com/technet/security/advisory/975497.mspx.
To be emailed any new alerts as they appear, or to cease being emailed such alerts, send email to securityalerts-request@cs.
![[Valid HTML 4.01 Transitional]](/support/security/valid-html401-blue.png){kind=small}
![[Valid RSS]](/support/security/valid-rss.png)
![[Valid Atom]](/support/security/valid-atom.png)