PT-2009-1115 · Microsoft · Smbv2 +4

Published 2009-10-14 · Updated 2023-12-07 · CVE-2009-2526

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Microsoft Windows Vista versions Gold, SP1, and SP2
Microsoft Windows Server 2008 versions Gold and SP2

Description

The issue is a resource management error in the SMBv2 component of the Windows operating system. A remote attacker can cause a denial of service (an infinite loop and system hang) by sending a crafted packet to the Server service. No authentication is required: a specially crafted network message sent to a computer running the Server service causes the computer to stop responding until it is restarted.

Recommendations

For Microsoft Windows Vista versions Gold, SP1, and SP2, update the system to prevent exploitation of this issue.
For Microsoft Windows Server 2008 versions Gold and SP2, update the Server service to prevent exploitation of this issue.
As a temporary workaround, consider restricting access to the Server service to minimize the risk of exploitation.

Exploit

Fix

DoS

Weakness Enumeration

Related Identifiers

BDU:2021-04405
CVE-2009-2526

Affected Products

Windows Server 2008
Windows Vista
Smbv2
Server Service
Windows