PT-2008-5350 · Microsoft · Windows XP
Andres Tarasco Acuña · Published 2008-11-12 · Updated 2023-12-07 · CVE-2008-4037
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Microsoft Windows versions 2000 Gold through SP4
Microsoft Windows XP versions Gold through SP3
Microsoft Windows Server 2003 versions SP1 and SP2
Microsoft Windows Vista versions Gold and SP1
Microsoft Windows Server 2008
Description
A remote code execution issue exists in the way Microsoft Server Message Block (SMB) Protocol handles NTLM credentials when a user connects to an attacker's SMB server. This issue allows an attacker to replay the user's credentials back to them and execute code in the context of the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this issue could take complete control of an affected system, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights.
Recommendations
For Microsoft Windows 2000 Gold through SP4, apply the necessary security updates to resolve the issue.
For Microsoft Windows XP Gold through SP3, apply the necessary security updates to resolve the issue.
For Microsoft Windows Server 2003 SP1 and SP2, apply the necessary security updates to resolve the issue.
For Microsoft Windows Vista Gold and SP1, apply the necessary security updates to resolve the issue.
For Microsoft Windows Server 2008, apply the necessary security updates to resolve the issue.
Exploit
Fix
RCE
Improper Authentication
Affected Products
Windows 2000
Windows Server 2003
Windows Server 2008
Windows Vista
Windows XP
SMB Protocol
Windows