CVE-2010-0477

Name of the Vulnerable Software and Affected Versions Microsoft Windows Server 2008 R2 Microsoft Windows 7

Description The issue arises from the improper handling of SMBv1 and SMBv2 response packets by the SMB client, allowing remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted packet. This can lead to the client reading the entirety of the response and then improperly interacting with the Winsock Kernel (WSK). An unauthenticated remote code execution vulnerability exists in the way that the Microsoft Server Message Block (SMB) client implementation handles specially crafted SMB responses. An attacker who successfully exploited this vulnerability could take complete control of the system.

Recommendations For Microsoft Windows Server 2008 R2, apply the necessary patch to fix the SMB client implementation. For Microsoft Windows 7, apply the necessary patch to fix the SMB client implementation. As a temporary workaround, consider restricting access to SMB services until a patch is available.