CVE-2010-0017

Name of the Vulnerable Software and Affected Versions Microsoft Windows Server 2008 R2 versions prior to the fixed version Microsoft Windows 7 versions prior to the fixed version Microsoft Windows Vista versions prior to the fixed version Microsoft Windows Server 2008 versions prior to the fixed version

Description A race condition in the SMB client implementation allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code. An unauthenticated remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets. This could result in an elevation of privilege vulnerability, allowing an attacker to run arbitrary code with system-level privileges, install programs, view, change, or delete data, or create new accounts with full user rights. The vulnerability could also result in a denial of service, causing the computer to stop responding until restarted.

Recommendations For Microsoft Windows Server 2008 R2, update to a version that includes the fix for this issue. For Microsoft Windows 7, update to a version that includes the fix for this issue. For Microsoft Windows Vista, update to a version that includes the fix for this issue. For Microsoft Windows Server 2008, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the SMB protocol to minimize the risk of exploitation. Avoid using the SMB Negotiate response in the affected API endpoint until the issue is resolved.