Check Point Advisories

Update Protection against Microsoft SMB Client Transaction Memory Corruption Vulnerability (MS10-020)

Check Point Reference: CPAI-2010-065
Date Published: 13 Apr 2010
Severity: Critical
Last Updated: 16 Apr 2010
Source: Microsoft Security Bulletin MS10-020
Industry Reference:CVE-2010-0270
Protection Provided by:
Who is Vulnerable? Windows 7 for 32-bit Systems
Windows 7 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 (Itanium)
Vulnerability Description A remote code execution vulnerability has been reported in the Microsoft Windows Server Message Block (SMB) client implementation. The SMB Protocol is a network file sharing protocol that is implemented in Microsoft Windows. A remote attacker may exploit this vulnerability to take complete control of an affected system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS10-020
Vulnerability DetailsThe vulnerability is due to an error in the Microsoft SMB client implementation that fails to properly validate fields in the SMB response. A remote attacker could exploit this flaw by hosting a malicious SMB server that is designed to exploit this vulnerability and then convince a user to initiate an SMB connection with it. Successful exploitation may allow execution of arbitrary code on the target system.

Protection Overview

×
  Feedback
This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO