Home / bulletins MS10-012 - Important: Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468) - Version:1.1
Posted on 11 February 2010
ImportantSeverity Rating: Important - Revision Note: V1.1 (February 10, 2010): Corrected the FAQ for SMB Null Pointer Vulnerability - CVE-2010-0022 to reflect that the vulnerability was responsibly disclosed. Changed the Systems Management Server table entries for SMS 2003 with ITMU for Windows 7 and Windows Server 2008 R2. Corrected the verification registry key for all supported x64-based editions of Windows XP. These are informational changes only. There were no changes to the security update files or detection logic.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit these vulnerabilities.
