Microsoft snuffed out Vulnerabilities surrounding its Server Message Block (SMB) Protocol
Microsoft issued a critical software update Tuesday, plugging three vulnerabilities in all versions of its Windows Operating System. The vulnerabilities could enable an attacker who successfully exploits them to install programs; view, change or delete data; or create new accounts with full user rights.
The three flaws, two of which were reported privately and the third of which was publicly disclosed, deal with a hole in the Microsoft Server Message Block Protocol.
The security update addresses the flaw by validating the fields inside the SMB packets, according to Microsoft.
Security Holes
CVE-2008-4843 and CVE-2008-4835 are rated as critical in Windows 2000, Windows XP and Windows Server 2003.
The above two flaws are unauthenticated remote code execution vulnerabilities, which exist in the way that Microsoft SMB Protocol handles specially crafted SMB packets. A remote attacker can install and execute programs, compromise the confidentiality, integrity or availability of sensitive data, and create administrator accounts.
The third one, CVE-2008-4114, also affects those OSes. It is a denial of service vulnerability that exists in the way that Microsoft SMB Protocol software handles specially crafted SMB packets. The same vulnerabilities in Windows Vista and Windows Server 2008 were given a moderate rating by Microsoft. Insofar as exploits could lead to remote code execution and control over the affected computers.
No exploits have been detected that take advantage of these vulnerabilities, according to Rodriguez.
Microsoft recommends that Windows users install the security update immediately.
