Description: This security update resolves one publicly disclosed and several privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a specially crafted SMB server. The security update addresses the vulnerabilities by correcting the manner in which the SMB client handles SMB responses, allocates memory, and validates fields within the SMB response.
Update type: Critical
Release date: April 13, 2010
Applies to: All versions
Knowledge base: http://support.microsoft.com/kb/980232