Vulnerabilities in SMB Server Could Allow Remote Code Execution
Description: This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit these vulnerabilities. The security update addresses these vulnerabilities by correcting the way that SMB validates SMB requests.
Update type: Important
Release date: February 9, 2010
Applies to: All versions
Knowledge base: http://support.microsoft.com/kb/971468
- SMB Pathname Overflow Vulnerability – CVE-2010-0020
- SMB Memory Corruption Vulnerability – CVE-2010-0021
- SMB Null Pointer Vulnerability – CVE-2010-0022
- SMB NTLM Authentication Lack of Entropy Vulnerability – CVE-2010-0231
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB971468.