Home / bulletins MS08-068 – Important: Vulnerability in SMB Could Allow Remote Code Execution (957097) - Version:1.1
Posted on 25 November 2008
There is an newer version: MS08-068 - Version: 1.2
ImportantSeverity Rating: Important - Revision Note: V1.1 (November 12, 2008): Corrected entry in the FAQ for SMB Credential Reflection Vulnerability - CVE-2008-4037 section to clarify reports of published proof of concept code. Microsoft has not received any direct reports that this vulnerability had been publicly used to attack customers.Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerability could allow remote code execution on affected systems. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS08-068 - Version: 1.0
- MS08-068 - Version: 1.1
- MS08-068 - Version: 1.2
