BuyLow.com Computers And Internet - Internet Security, Computers, Mobile Devices, Networks

BuyLow.com | Resources | Contact Us


 

Microsoft Technical Cyber Security Alerts Multiple SMB Protocol Vulnerabilities

Original release date: January 13, 2009
Source: US-CERT

Systems Affected
Microsoft Windows 2000, XP, and Vista
Microsoft Windows Server 2000, 2003, and 2008

Overview
Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.

I. Description
In their bulletin for January 2009, Microsoft released updates to address vulnerabilities in the Server Message Block (SMB) Protocol that affects all supported versions Microsoft Windows.

II. Impact
A remote, unauthenticated attacker could gain elevated privileges, execute arbitrary code, or cause a denial of service.

III. Solution
Microsoft has provided updates for this vulnerability in the Microsoft Security Bulletin Summary for January 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should also consider using an automated update distribution system such as Windows Server Update Services (WSUS).

One Response to “Microsoft Technical Cyber Security Alerts Multiple SMB Protocol Vulnerabilities”

  1. You have a great blog here and it is Nice to read some well written posts that have some relevancy…keep up the good work ;)

RSS BugTraq

  • [SECURITY] [DSA 2100-1] New openssl packages fix double free
    Posted by Moritz Muehlenhoff on Aug 30------------------------------------------------------------------------ Debian Security Advisory DSA-2100-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff August 30, 2010 http://www.debian.org/security/faq ------------------------------------------------------------------------ Package : opens […]
  • Re: [Full-disclosure] QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)
    Posted by security curmudgeon on Aug 30: 1. OVERVIEW : : The QtWeb Browser application is vulnerable to Insecure DLL Hijacking : Vulnerability. Similar terms that describe this vulnerability have been : come up with Remote Binary Planting, and Insecure DLL : Loading/Injection/Hijacking/Preloading. : 3. VULNERABILITY DESCRIPTION : : The QtWeb Browser applicat […]
  • [ MDVSA-2010:165 ] libHX
    Posted by security on Aug 30 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:165 http://www.mandriva.com/security/ _______________________________________________________________________ Package : libHX Date : August 30, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1 _________________________ […]
  • {Lostmon - Groups} Safari for windows Invalid SGV text style Webkit.dll DoS
    Posted by Lostmon lords on Aug 30################################################### Safari for windows Invalid SGV text style Webkit.dll DoS Vendor URL:www.apple.com Advisore:http://lostmon.blogspot.com/2010/08/safari-for-windows-invalid-sgv-text.html Vendor notify :Yes exploit available :YES ################################################### Safari browse […]
  • R7-0036: FCKEditor.NET File Upload Code Execution
    Posted by HD Moore on Aug 30R7-0036: FCKEditor.NET File Upload Code Execution August 30, 2010 -- Vulnerability Details: FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector¬† in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulne […]