Hernan Ochoa

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.10.2 **Description** The issue allows attackers to bypass the Gatekeeper protection mechanism. This is achieved by improperly handling file-type metadata in LaunchServices, specifically via a crafted JAR archive. **Recommendations** For Apple OS X versions prior to 10.10.2, update to version 10.10.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2 **Description** The issue is related to the SMB implementation in the Server service, which does not use a sufficient source of entropy. This allows remote attackers to obtain access to files and other SMB resources via a large number of authentication requests. The vulnerability is related to server-generated challenges, certain "duplicate values," and spoofing of an authentication token. An unauthenticated elevation of privilege exists in the way that Microsoft Server Message Block (SMB) Protocol software handles authentication attempts, allowing an attacker to exploit the vulnerability by sending large amounts of authentication requests to the SMB server. **Recommendations** For Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, consider restricting access to the SMB service to minimize the risk of exploitation. As a temporary workaround, consider disabling the SMB protocol until a patch is available. Avoid using the SMB service for authentication until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.