In the first security bulletin of the year 2009, MS09-001, Microsoft has published several critical updates which resolve 2 privately reported vulnerabilities and a publicly disclosed vulnerability in Microsoft Server Message Block (SMB) protocol.
If exploited successfully, an attacking user could execute remote code on the system, and could view, change or delete data, or create new accounts with full user rights.
This security update has been rated as critical for all the versions of Microsoft Windows 2000, Windows XP and Windows 2003 and as moderate for all the versions of Windows Vista and Windows Server 2008.
We remind you that in order to improve the security level of your computer against known and unknown network vulnerabilities, you can stop or block the access to any network service you don’t use by using a properly configured firewall or by disabling the network services that are not used in the system.
Although in PandaSecurity we work daily on how to improve our products in order to protect our clients from these new vulnerabilities, we always recommend to install as soon as possible the security patches published in the Microsoft’s security bulletins, as well as other security updates that may affect other products installed on the same system.
- MS09-001 - Vulnerabilities in SMB Could Allow Remote Code Execution