Welcome to TechNet Blogs Sign in | Join | Help

News

  • Welcome to the blog for the Microsoft CSS Enterprise Platforms Networking team.

    Disclaimer: All postings are provided "AS IS" with no warranties, and confer no rights. This weblog does not represent the thoughts, intentions, plans or strategies of Microsoft. Because a weblog is intended to provide a semi-permanent point-in-time snapshot, you should not consider out of date posts to reflect current thoughts and opinions.

    Blog Tools

    Add to Technorati Favorites
    Blog Flux Directory
    Computers Blogs - Blog Top Sites

    Add to Google

    Locations of visitors to this page

Microsoft Security Advisory 975497 Released

What is the purpose of this alert?

This alert is to notify you that Microsoft has released Security Advisory 975497– Vulnerabilities in SMB Could Allow Remote Code Execution - on September 08, 2009.

Summary

Microsoft is investigating new public reports of a possible vulnerability in Microsoft Server Message Block (SMB) Protocol. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.

Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Microsoft is concerned that this new report of a vulnerability was not responsibly disclosed, potentially putting computer users at risk. We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed.

Mitigating Factors
  • Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. In this case, the SMB ports should be blocked from the Internet.
  • In Windows Vista, if the network profile is set to "Public", the system is not affected by this vulnerability, since unsolicited inbound network packets are blocked by default.
  • Windows 7 and Windows Server 2008 R2 are not affected by this vulnerability.
Recommendations

Review Microsoft Security Advisory 975497 for an overview of the issue, details on affected components, mitigating factors, suggested actions, frequently asked questions (FAQs), and links to additional resources.

Customers who believe they are affected can contact Customer Service and Support (CSS) in North America for help with security update issues or viruses at no charge using the PC Safety line (866) PCSAFETY. International customers can contact Customer Service and Support by using any method found at http://www.microsoft.com/protect/worldwide/default.mspx.

Additional Resources

Thank you,

Microsoft CSS Security Team

Posted: Wednesday, September 09, 2009 4:46 PM by MichaelPlatts
Filed under: ,

Comments

No Comments

Leave a Comment

(required) 

(required) 

(optional)

(required) 

  
Enter Code Here: Required

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Page view tracker