Vulnerability In Microsoft's Server Message Block for Windows XP and Windows 2000

Reported December 11, 2002, by Microsoft.



· Microsoft Windows XP (prior to Service Pack 1--SP1)

· Microsoft Windows 2000





A new vulnerability exists in Microsoft Server Message Block (SMB) that can permit an attacker to silently downgrade the SMB Signing settings on a vulnerable system. This vulnerability can expose any SMB session to tampering, but the most serious scenario involves changing Group Policy information as it's disseminated from a Win2K domain controller (DC) to a newly logged-on network client.




Microsoft has released Security Bulletin MS02-070, "Flaw in SMB Signing Could Enable Group Policy to be Modified (309376)," to address this vulnerability and recommends that affected users immediately apply the appropriate patch mentioned in the bulletin. This patch is included in XP SP1 and will be included in Win2K SP4.



Discovered by Microsoft.
