We’ve just released Microsoft released Security Advisory 975497 that provides information about a new, irresponsibly reported vulnerability in SMB 2.0. Our investigation has shown that Windows Vista, Windows Server 2008 and Windows 7 RC are affected by this vulnerability. Windows 7 RTM, Windows Server 2008 R2, Windows XP and Windows 2000 are not affected by this vulnerability.
The Security Advisory outlines steps that Windows Vista and Windows Server 2008 customers can take to help protect themselves while we work on a security update for this issue.
As always, we’ve provided information through Microsoft Active Protections Program (MAPP) as well as the Microsoft Security Response Alliance (MSRA) that they can use to help provide broader protections to customers.
We will update you through our security advisory and the MSRC Weblog as we have new information.
Thanks
Christopher
*This posting is provided “AS IS” with no warranties, and confers no rights*