01.08.2003 - MS02-070: Flaw in SMB Signing Could Enable Group Policy to be Modified (329170)

A flaw in the implementation of SMB signing in Windows 2000 and Windows XP can permit an attacker to silently downgrade the SMB signing settings on an affected computer. To do this, an attacker must have access to the session negotiation data as it is exchanged between a client and server, and must be able to modify the data in a way that exploits the flaw. This can cause either or both computers to send unsigned data no matter what signing policy the administrator sets. After the attacker downgrades the signing setting, the attacker can continue to monitor and change data in the session. The lack of signing prevents the communicators from detecting the changes. - Download Windows XP Home/Professional Edition Patch - Download Windows XP 64 Bit Edition Patch - View Microsoft Security Bulletin MS02-070 - View End User Security Bulletin - View Microsoft Knowledge Base Article - 329170 - Visit Microsoft Corporation