Stephen Toulouse here with the MSRC, just wanted to provide everyone with some information related to public reports of a possible vulnerability in Microsoft Windows that was publicly disclosed. The issue involves the Windows Shell, and our initial investigation has found that significant user interaction would be required for an attacker to exploit this vulnerability. So far we have confirmed that Windows XP, Windows XP SP2 and Windows Server 2003 are not affected by this particular issue. We’re also looking into reports of proof of concept code that has been made public that could seek to exploit this reported vulnerability. On that note, we’re not currently aware of any customer impact as a result or an attack that seeks to exploit this vulnerability.
We believe at this time that any potential attack would rely on Server Message Block (SMB) communication, and since it’s a good best practice to block that at the firewall, this issue would most likely only affect customers running Windows 2000 on an internal network. Windows 2000 customers connected to the Internet would be at reduced risk from an attack.
If anyone believes they might have been impacted by this issue, they should contact Product Support Services at 1-866-PCSAFETY or for our international customers at http://support.microsoft.com/security.
In the meantime, we can assure you that Microsoft will continue to investigate this and once that investigation is complete, we’ll evaluate the appropriate action to take to protect customers. This may include providing a fix through our monthly release process or providing an out-of-cycle security update.
As always we encourage customers follow the Protect Your PC guidance of enabling a firewall, getting software updates and installing anti-virus software which will help protect from potential threats as well: www.microsoft.com/protect.
-Stephen Toulouse
*This posting is provided “AS IS” with no warranties, and confers no rights.*