Situation update on Microsoft Security Advisory 935964

Hello everyone,

This is Christopher Budd. I wanted to give you a brief update with the latest information on the situation from our ongoing work over the weekend.

Our teams are continuing their work to develop a security update to address this issue. Our ongoing monitoring of attacks in conjunction with our MSRA partners indicates that attacks are still limited. We are aware though of public disclosure of proof of concept code to exploit the vulnerability. We continue to urge customers to deploy the workarounds in their environments as quickly as possible.

We have today made some new additions to the advisory. We’ve added some new information about the impact of some of the workarounds on systems with 15 character, or longer, system names. We’ve also noted that it is possible for a user with valid logon credentials to access the vulnerability over port 445.  As always, we’re continuing to work around the clock to monitor the situation closely, continue our technical investigations and develop a security update to address this issue.

We’ll continue to update the advisory with new information as well as the MSRC weblog.



*This posting is provided “AS IS” with no warranties, and confers no rights.*