VID |
26318 |
Severity |
30 |
Port |
445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
The hotfix (MS07-063, KB942624) for 'Vulnerability in SMBv2' appears not to be applied. Microsoft Server Message Block (SMB) is a network file sharing protocol used by default on Windows-based computers. SMBv2 is supported on computers running Windows Server 2008 and Windows Vista. An improper implementation of SMBv2 signing could allow a remote attacker to execute arbitrary code on the system. By sending a specially crafted SMBv2 packet to a vulnerable system, an attacker could exploit this vulnerability to execute arbitrary code with the privileges of the logged-on user. SMB signing is disabled by default in Windows Vista.
* References:
  http://www.microsoft.com/technet/security/bulletin/ms07-063.mspx
  http://www.frsirt.com/english/advisories/2007/4179
  http://www.kb.cert.org/vuls/id/520465
  http://securitytracker.com/alerts/2007/Dec/1019072.html
  http://secunia.com/advisories/27997
* Platforms Affected: Microsoft Windows Vista |
Recommendation |
Apply the appropriate patch (KB942624) for your system, as listed in Microsoft Security Bulletin MS07-063 at http://www.microsoft.com/technet/security/bulletin/ms07-063.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects which version of Windows you are running and offers the appropriate patch. |
Related URL |
CVE-2007-3898 (CVE) |
Related URL |
25919 (SecurityFocus) |
Related URL |
36805,36806 (ISS) |