MS.SMB.Remote.Code.Execution

Last Updated DateMar 09, 2010
Release DateFeb 10, 2010
SeverityHigh
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems.
DescriptionThis indicates an attack attempt against a heap-based buffer-overflow
vulnerability in Samba client.

By sending a specially crafted SMB response to the SMB client, a remote attacker could overflow a buffer and execute arbitrary code on a vulnerable system.
Affected ProductsWindows Server 2008
Windows 7
Windows Server 2008 R2
Recommended ActionsApply the patch, available from the vendor's web site:
http://update.microsoft.com
Common Vulnerabilities and Exposures (CVE)http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-0016
Microsoft Bulletin IDMS10-006   http://www.microsoft.com/technet/security/Bulletin/MS10-006.mspx
Reference: VID-18205