Windows SMB Information Disclosure Vulnerability

ID MS:CVE-2019-0821
Type mscve
Reporter Microsoft
Modified 2019-03-12T07:00:00


An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests. An authenticated attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server.

To exploit the vulnerability, an attacker would have to be able to authenticate and send SMB messages to an impacted Windows SMB Server

The security update addresses the vulnerability by correcting how Windows SMB Server handles authenticated requests.