Microsoft Windows SMB NTLM Authentication Lack of Entropy Exploit (MS10-012)

An unauthenticated remote attacker without any kind of credentials can access the SMB service under the credentials of an authorized user. Depending on the privileges of the authorized user, and the configuration of the remote system, an attacker could gain read/write access to the remote file system and execute arbitrary code by using DCE/RPC over SMB.
Exploit type: 
Vulnerabilty ID: 
Released Date: 
Tuesday, January 18, 2011 - 18:00