• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows SMB Credential Reflection Vulnerability

Solution:
Microsoft has released a security bulletin and fixes to address this issue.


Microsoft Windows XP Media Center Edition SP2

• Microsoft Security Update for Windows XP (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=6f8ae0aa-fd68 -4156-9016-bba00149793c

Microsoft Windows Server 2008 for x64-based Systems 0

• Microsoft Security Update for Windows Server 2008 x64 Edition (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=e8d26dfd-b347 -4f10-b5b6-27dfff5e4f47

Microsoft Windows Server 2003 Itanium SP1

• Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=6abf7ba9-825f -4ee2-a2fe-6b1cd9fab622

Microsoft Windows Vista Home Basic

• Microsoft Security Update for Windows Vista (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=5612815f-8685 -45d2-af4a-164c298a0869

Microsoft Windows Vista Business SP1

• Microsoft Security Update for Windows Vista (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=5612815f-8685 -45d2-af4a-164c298a0869

Microsoft Windows 2000 Advanced Server SP4

• Microsoft Security Update for Windows 2000 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=44c971e6-96fc -4bba-8f4a-f9d46bda2b6c

Microsoft Windows Vista Ultimate

• Microsoft Security Update for Windows Vista (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=5612815f-8685 -45d2-af4a-164c298a0869

3DM Software Disk Management Software SP2

• Microsoft Security Update for Windows Server 2003 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=57a0606d-ea7a -4e5b-8b8b-7b77a444ef75

Microsoft Windows Vista x64 Edition 0

• Microsoft Security Update for Windows Vista for x64-based Systems (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=727ce9b6-827f -4350-b4ff-c08e8ac541a6

Microsoft Windows Vista Home Premium SP1

• Microsoft Security Update for Windows Vista (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=5612815f-8685 -45d2-af4a-164c298a0869

Microsoft Windows Server 2003 Standard Edition SP2

• Microsoft Security Update for Windows Server 2003 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=57a0606d-ea7a -4e5b-8b8b-7b77a444ef75

Microsoft Windows XP Home SP2

• Microsoft Security Update for Windows XP (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=6f8ae0aa-fd68 -4156-9016-bba00149793c

3DM Software Disk Management Software SP1

• Microsoft Security Update for Windows Server 2003 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=57a0606d-ea7a -4e5b-8b8b-7b77a444ef75

Microsoft Windows 2000 Datacenter Server SP4

• Microsoft Security Update for Windows 2000 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=44c971e6-96fc -4bba-8f4a-f9d46bda2b6c

Microsoft Windows Vista Home Basic SP1

• Microsoft Security Update for Windows Vista (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=5612815f-8685 -45d2-af4a-164c298a0869

Microsoft Windows Server 2003 Itanium SP2

• Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=6abf7ba9-825f -4ee2-a2fe-6b1cd9fab622

Microsoft Windows XP Media Center Edition SP3

• Microsoft Security Update for Windows XP (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=6f8ae0aa-fd68 -4156-9016-bba00149793c

Microsoft Windows Server 2008 Standard Edition 0

• Microsoft Security Update for Windows Server 2008 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=b305e894-61ec -46b4-91ee-4c9ac59bc47e

Microsoft Windows XP Professional x64 Edition

• Microsoft Security Update for Windows XP x64 Edition (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=9501b33b-d639 -43e7-ad5a-9e76ed66effd

Microsoft Windows Server 2003 Web Edition SP1

• Microsoft Security Update for Windows Server 2003 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=57a0606d-ea7a -4e5b-8b8b-7b77a444ef75

Microsoft Windows Server 2003 Web Edition SP2

• Microsoft Security Update for Windows Server 2003 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=57a0606d-ea7a -4e5b-8b8b-7b77a444ef75

Microsoft Windows XP Home SP3

• Microsoft Security Update for Windows XP (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=6f8ae0aa-fd68 -4156-9016-bba00149793c

Microsoft Windows Vista Home Premium

• Microsoft Security Update for Windows Vista (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=5612815f-8685 -45d2-af4a-164c298a0869

Microsoft Windows XP Professional x64 Edition SP2

• Microsoft Security Update for Windows XP x64 Edition (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=9501b33b-d639 -43e7-ad5a-9e76ed66effd

Microsoft Windows Vista Enterprise

• Microsoft Security Update for Windows Vista (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=5612815f-8685 -45d2-af4a-164c298a0869

Microsoft Windows Server 2003 Standard Edition SP1

• Microsoft Security Update for Windows Server 2003 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=57a0606d-ea7a -4e5b-8b8b-7b77a444ef75

Microsoft Windows Server 2008 for Itanium-based Systems 0

• Microsoft Security Update for Windows Server 2008 for Itanium-based Systems (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=d565467d-e10f -4ddc-a278-3f81a3798686

Microsoft Windows Server 2008 for 32-bit Systems 0

• Microsoft Security Update for Windows Server 2008 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=b305e894-61ec -46b4-91ee-4c9ac59bc47e

Microsoft Windows Vista Business

• Microsoft Security Update for Windows Vista (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=5612815f-8685 -45d2-af4a-164c298a0869

Microsoft Windows Server 2003 x64 SP2

• Microsoft Security Update for Windows Server 2003 x64 Edition (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=915e001f-9aa0 -4fb0-9c2a-0f0c72b4f056

Microsoft Windows 2000 Server SP4

• Microsoft Security Update for Windows 2000 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=44c971e6-96fc -4bba-8f4a-f9d46bda2b6c

Microsoft Windows Vista x64 Edition SP1

• Microsoft Security Update for Windows Vista for x64-based Systems (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=727ce9b6-827f -4350-b4ff-c08e8ac541a6

Microsoft Windows Vista Ultimate SP1

• Microsoft Security Update for Windows Vista (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=5612815f-8685 -45d2-af4a-164c298a0869

Microsoft Windows Server 2008 Datacenter Edition 0

• Microsoft Security Update for Windows Server 2008 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=b305e894-61ec -46b4-91ee-4c9ac59bc47e

Microsoft Windows 2000 Professional SP4

• Microsoft Security Update for Windows 2000 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=44c971e6-96fc -4bba-8f4a-f9d46bda2b6c

Microsoft Windows Server 2008 Enterprise Edition 0

• Microsoft Security Update for Windows Server 2008 (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=b305e894-61ec -46b4-91ee-4c9ac59bc47e

Microsoft Windows Vista Enterprise SP1

• Microsoft Security Update for Windows Vista (KB957097)
  http://www.microsoft.com/downloads/details.aspx?familyid=5612815f-8685 -45d2-af4a-164c298a0869