giobar57
Guest
Microsoft Security Advisory (977544)
Vulnerability in SMB Could Allow Denial of Service
Published: November 13, 2009
Microsoft is investigating new public reports of a possible denial of service vulnerability in the Server Message Block (SMB) protocol.
This vulnerability cannot be used to take control of or install malicious software on a user’s system.
However, Microsoft is aware that detailed exploit code has been published for the vulnerability.
Microsoft is not currently aware of active attacks that use this exploit code or of customer impact at this time.
Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.
We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.
Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers.
This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
Microsoft is concerned that this new report of a vulnerability was not responsibly disclosed, potentially putting computer users at risk.
We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests.
This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed
Microsoft Security Advisory
Vulnerability in SMB Could Allow Denial of Service
Published: November 13, 2009
Microsoft is investigating new public reports of a possible denial of service vulnerability in the Server Message Block (SMB) protocol.
This vulnerability cannot be used to take control of or install malicious software on a user’s system.
However, Microsoft is aware that detailed exploit code has been published for the vulnerability.
Microsoft is not currently aware of active attacks that use this exploit code or of customer impact at this time.
Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.
We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.
Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers.
This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
Microsoft is concerned that this new report of a vulnerability was not responsibly disclosed, potentially putting computer users at risk.
We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests.
This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed
Microsoft Security Advisory
