ITsVISTA
Information that makes life easier when it comes to installing, managing, and using Windows Vista.
Start About FAQ Blogroll Shop

All tag results for ‘SMB’

KB975517

October 20th, 2009 · No Comments · 3,137 views

UpdatesDescription: This security update resolves one publicly disclosed and two privately reported vulnerabilities in Server Message Block Version 2 (SMBv2). The most severe of the vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB packet to a computer running the Server service. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate from outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. The security update addresses the vulnerabilities by correctly validating the fields inside the SMBv2 packets, correcting the way that SMB handles the command value in SMB packets, and correcting the way that SMB parses specially crafted SMB packets. Keep reading →

KB975497

September 18th, 2009 · No Comments · 3,029 views

Microsoft is investigating new public reports of a possible vulnerability in Microsoft Server Message Block (SMB) implementation. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.

Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Microsoft is concerned that this new report of a vulnerability was not responsibly disclosed, potentially putting computer users at risk. We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone’s best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed.

KB950836

July 8th, 2009 · No Comments · 1,235 views

You encounter poor performance on a computer that is running Windows Server 2008 or Windows Vista when you perform network-related operations. These network-related operations include when you copy a shared file, move a shared file, or use the Active Directory Migration Tool (ADMT).

For example, the source or destination domain controller is running Windows Server 2008. In this example, an ADMT migration takes three times longer than a migration between two domain controllers that are running versions pre-Windows Server 2008.

In another example, both the source and destination domain controllers are running Windows Server 2008. In this example, an ADMT migration takes six times longer than a migration between two domain controllers that are both running versions pre-Windows Server 2008.

KB969670

July 2nd, 2009 · No Comments · 1,530 views

Consider the following scenario. You collect data on the following performance counters on a computer that is running Windows Server 2008 or Windows Vista.

Object: Server Work Queues\Current Clients

Instances: SMB2 Blocking [number]
SMB2 NonBlocking [number]

In this scenario, you collect incorrect data. For example, the value of the “SMB2 NonBlocking 0″ counter is extremely high (approximately 4,294,967,200). Therefore, you cannot monitor accurately the status of the server.

Microsoft Security Bulletin Summary for January 2009

January 13th, 2009 · 1 Comment · 2,226 views

One ‘Moderate’ security update is available for Windows Vista (KB958687). The update resolves vulnerabilities in SMB that could allow remote code execution. Keep reading →

KB958687

January 13th, 2009 · 3 Comments · 5,022 views

UpdatesDescription: This security update resolves several privately reported vulnerabilities in Microsoft Server Message Block (SMB) Protocol. The vulnerabilities could allow remote code execution on affected systems. An attacker who successfully exploited these vulnerabilities could install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. The security update addresses the vulnerabilities by validating the fields inside the SMB packets. Keep reading →

KB957097

November 13th, 2008 · No Comments · 2,879 views

UpdatesDescription: This security update resolves a publicly disclosed vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerability could allow remote code execution on affected systems. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The security update addresses the vulnerability by modifying the way that SMB authentication replies are validated to prevent the replay of credentials. Keep reading →

KB957095

October 14th, 2008 · 1 Comment · 3,391 views

UpdatesDescription: This security update resolves a privately reported vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerability could allow remote code execution on a server that is sharing files or folders. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by modifying the way that SMB handles file name length validation and file sharing. Keep reading →

KB950876

May 26th, 2008 · No Comments · 2,988 views

Consider the following scenario:

  • The following policies are enabled on a domain controller that is running Windows Server 2003 in a domain:
    • Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Microsoft network server: Digitally sign communications (always)
    • Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Microsoft network server: Digitally sign communications (if client agrees)
  • The following policies are enabled on a member computer that is running Windows Vista Service Pack 1 or Windows Server 2008 in the same domain:
    • Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Microsoft network client: Digitally sign communications (always)
    • Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Microsoft network client: Digitally sign communications (If server agrees)

In this scenario, Group Policy settings are not applied on the member computer. Additionally, the following event is logged in the System log on the member computer:

Date: Date
Event ID: 1058
Level: Error
Keywords:
User: UserSID
Computer: CompuerName
Description:
The processing of Group Policy failed. Windows attempted to read the file \\path\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.

Note: This problem occurs only on member computers that are running Windows Server 2008 or Windows Vista Service Pack 1 (SP1). It does not occur on member computers that are running Windows Server 2003, Windows XP, or the release version of Windows Vista.

KB949857

May 14th, 2008 · 17 Comments · 6,111 views

Consider the following scenario:

  • On a computer that is running Windows Vista Service Pack 1 (SP1) or Windows Server 2008, you create a Server Message Block (SMB) share.
  • After the share is not accessed for some time, you remove the share.

In this scenario, you cannot delete the folder that is used to back the share. Additionally, you receive an error message that resembles the following:

Folder In Use
The action can’t be completed because the folder is open in another program
Close the folder and try again.

In this case, you have to restart the computer. After that, you can delete the folder.