CVE-2010-0231

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2

Description The issue is related to the SMB implementation in the Server service, which does not use a sufficient source of entropy. This allows remote attackers to obtain access to files and other SMB resources via a large number of authentication requests. The vulnerability is related to server-generated challenges, certain "duplicate values," and spoofing of an authentication token. An unauthenticated elevation of privilege exists in the way that Microsoft Server Message Block (SMB) Protocol software handles authentication attempts, allowing an attacker to exploit the vulnerability by sending large amounts of authentication requests to the SMB server.

Recommendations For Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, consider restricting access to the SMB service to minimize the risk of exploitation. As a temporary workaround, consider disabling the SMB protocol until a patch is available. Avoid using the SMB service for authentication until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.