Microsoft Windows is prone to a remote code-execution vulnerability when processing the protocol headers for the Server Message Block (SMB) Negotiate Protocol Request. NOTE: Reportedly, for this issue to be exploitable, file sharing must be enabled. An attacker can exploit this issue to execute code with SYSTEM-level privileges failed exploit attempts will likely cause denial-of- service conditions. Windows 7 RC, Vista and 2008 Server are vulnerable other versions may also be affected. NOTE: Reportedly, Windows XP and 2000 are not affected. UPDATE (September 9, 2009): Symantec has confirmed the issue on Windows Vista SP1 and Windows Server 2008.

• http://blogs.technet.com/msrc/archive/2009/09/08/microsoft-security-advisory-975497-released.aspx
• http://blogs.technet.com/srd/archive/2009/09/18/update-on-the-smb-vulnerability.aspx
• http://g-laurent.blogspot.com/2009/09/windows-vista7-smb20-negotiate-protocol.html
• http://www.kb.cert.org/vuls/id/135940
• http://www.microsoft.com/technet/security/advisory/975497.mspx
• http://www.microsoft.com/windows/products/windowsvista/default.mspx
• http://www.microsoft.com/windows/windows-7/
• http://www.reversemode.com/index.php?option=com_content&task=view&id=64&Itemid=1
• http://www.securityfocus.com/archive/1/506300
• http://www.securityfocus.com/archive/1/506327
• http://www.securityfocus.com/bid/36299

---

Updated on 2017-03-28