Welcome to the TechSpot OpenBoards. Please read the FAQ if you have any questions. Sign up or Login to participate.
Collaborate in the cloud with Office, Exchange, SharePoint, and Lync
|
|||||||
Collaborate in the cloud with Office, Exchange, SharePoint, and Lync
Flaw in SMB Signing Could Enable Group Policy to be Modified
|
|
Thread Tools | Search this Thread |
|
#1
12-12-2002
|
||||
|
||||
|
Flaw in SMB Signing Could Enable Group Policy to be Modified
Issue:
A flaw in the implementation of SMB Signing in Windows 2000 & Windows XP could enable an attacker to silently downgrade the SMB Signing settings on an affected system. To do this, the attacker would need access to the session negotiation data as it was exchanged between a client and server, & would need to modify the data in a way that exploits the flaw. This would cause either or both systems to send unsigned data regardless of the signing policy the administrator had set. After having downgraded the signing setting, the attacker could continue to monitor the session & change data within it; the lack of signing would prevent the communicants from detecting the changes. Affected Software: Microsoft Windows 2000 Microsoft Windows XP Patch availability: Microsoft Windows 2000: All languages except NEC Japanese Japanese NEC Microsoft Windows XP: 32-bit Edition 64-bit Edition Note - This update is already included in XP Service Pack 1. |
|
 |
| Similar Topics | ||||
| Topic | Replies | Forum | ||
 Access Group policy
|
3 | Windows OS | ||
|
Group Policy
|
2 | Windows OS | ||
|
Group policy
|
0 | Software Apps | ||
|
Group policy problem please help me!
|
0 | Windows OS | ||
|
Group Policy?
|
15 | Storage and Networking | ||
| Thread Tools | Search this Thread |
|
|
All times are GMT -4. The time now is 07:54 AM.