Microsoft Updates for Multiple SMB Protocol Vulnerabilities

Original release date: January 13, 2009
Last revised: --
Source: US-CERT

Systems Affected

• Microsoft Windows 2000, XP, and Vista
• Microsoft Windows Server 2000, 2003, and 2008

Overview

Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.

I. Description

In their bulletin for January 2009, Microsoft released updates to address vulnerabilities in the Server Message Block (SMB) Protocol that affects all supported versions Microsoft Windows.

II. Impact

A remote, unauthenticated attacker could gain elevated privileges, execute arbitrary code, or cause a denial of service.

III. Solution

Microsoft has provided updates for this vulnerability in the Microsoft Security Bulletin Summary for January 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should also consider using an automated update distribution system such as Windows Server Update Services (WSUS).

IV. References

• Microsoft Security Bulletin Summary for January 2009 - <http://www.microsoft.com/technet/security/bulletin/ms09-jan.mspx>
• Microsoft Windows Server Update Services - <http://technet.microsoft.com/en-us/wsus/default.aspx>

---

Feedback can be directed to US-CERT.

---

Produced 2009 by US-CERT, a government organization. Terms of use

Revision History

January 13, 2009: Initial release