Security Research & Defense

Tuesday, March 10, 2009 10:05 AM

Assessing the risk of the schannel.dll vulnerability (MS09-007)

MS09-007 resolves an issue in which an attacker may be able to log onto an SSL protected server which is configured to use certificate based client authentication with only the public key component of a certificate, not the associated private key. Only

Posted by swiblog | (Comments Off)

Filed under: signing, spoofing, Risk Asessment

Tuesday, November 11, 2008 10:40 AM

MS08-068: SMB credential reflection defense

Today Microsoft released a security update, MS08-068 , which addresses an NTLM reflection vulnerability in the SMB protocol. The vulnerability is rated Important on most operating systems, except Vista and Windows Server 2008 where it has a rating of

Posted by swiblog | (Comments Off)

Filed under: Mitigations, Workarounds, signing, SMB, rating, network protocol

Thursday, December 27, 2007 1:47 PM

MS07-063 - The case of the insecure signature

MS07-063 addresses a weakness in the SMBv2 message signing algorithm. SMB signing is a feature enabled by default on domain controllers to prevent man-in-the-middle attacks. As you can imagine, if an attacker on your local subnet can tamper with the SMB

Posted by swiblog | 3 Comments

Filed under: network capture, network, signing, SMB

Attachment(s): smbv2_001.pcap

Security Research & Defense

This Blog

Syndication

Search

News

Blogroll

Report a Vulnerability to Microsoft

Tags

Recent Posts

Archives

Browse by Tags

Assessing the risk of the schannel.dll vulnerability (MS09-007)

MS08-068: SMB credential reflection defense

MS07-063 - The case of the insecure signature