Flaw in SMB Signing Could Enable Group Policy to be Modified

By TS | Thomas
Dec 12, 2002
  1. Issue:
    A flaw in the implementation of SMB Signing in Windows 2000 & Windows XP could enable an attacker to silently downgrade the SMB Signing settings on an affected system. To do this, the attacker would need access to the session negotiation data as it was exchanged between a client and server, & would need to modify the data in a way that exploits the flaw. This would cause either or both systems to send unsigned data regardless of the signing policy the administrator had set. After having downgraded the signing setting, the attacker could continue to monitor the session & change data within it; the lack of signing would prevent the communicants from detecting the changes.

    Affected Software:
    Microsoft Windows 2000
    Microsoft Windows XP

    Patch availability:
    Microsoft Windows 2000:
    All languages except NEC Japanese
    Japanese NEC

    Microsoft Windows XP:
    32-bit Edition
    64-bit Edition

    Note - This update is already included in XP Service Pack 1.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...