PT-2009-4038 · Microsoft · Windows XP +3

Cody Pierce · Published 2009-08-12 · Updated 2024-10-21 · CVE-2009-1544

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions:
Microsoft Windows versions prior to Vista Gold
Microsoft Windows XP versions SP2 through SP3
Microsoft Windows Server 2003 version SP2
Microsoft Windows Vista versions Gold through SP2
Microsoft Windows Server 2008 versions Gold through SP2

Description: A double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to certain systems, or cause a denial of service via a crafted RPC message to other systems.
Recommendations: For Microsoft Windows XP SP2 and SP3, update to a newer version to mitigate the risk. For Microsoft Windows Server 2003 SP2, update to a newer version to mitigate the risk. For Microsoft Windows Vista Gold, SP1, and SP2, update to a newer version to mitigate the risk. For Microsoft Windows Server 2008 Gold and SP2, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to the Workstation service until a patch is available.

Fix

Double Free

Weakness Enumeration

Related Identifiers

CVE-2009-1544

Affected Products

Windows Server 2003
Windows Server 2008
Windows Vista
Windows XP