Industry

Flaw in SMB Signing Could Enable Group Policy to be Modified

By Thomas McGuire December 12, 2002, 13:08

Serving tech enthusiasts for over 25 years.
TechSpot means tech analysis and advice you can trust.

Issue:
A flaw in the implementation of SMB Signing in Windows 2000 & Windows XP could enable an attacker to silently downgrade the SMB Signing settings on an affected system. To do this, the attacker would need access to the session negotiation data as it was exchanged between a client and server, & would need to modify the data in a way that exploits the flaw. This would cause either or both systems to send unsigned data regardless of the signing policy the administrator had set. After having downgraded the signing setting, the attacker could continue to monitor the session & change data within it; the lack of signing would prevent the communicants from detecting the changes.

Affected Software:
Microsoft Windows 2000
Microsoft Windows XP

Patch availability:
Microsoft Windows 2000:
All languages except NEC Japanese
Japanese NEC

Microsoft Windows XP:
32-bit Edition
64-bit Edition

Note - This update is already included in XP Service Pack 1.

0 comments 0 likes and shares