The SMB protocol allows Windows computers to share files and printers on a network. A flaw in the way SMB handles incoming data provides an opening for hackers. “An attacker who successfully exploited this vulnerability could take complete control of an affected system,” Microsoft says in its advisory. “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
“If your organization is unlucky enough to still have Windows NT 4.0 systems … then you do not have a whole lot of options,” wrote eEye’s Marc Maiffret, who noted that enabling SMB signing could offer additional protection for some NT4 servers, but might also interfere with existing applications.
Microsoft has been urging Windows server customers to update to Windows Server 2003, citing security as a motivation to migrate from NT4. “Windows NT Server 4.0 was developed before the era of sophisticated Internet based attacks. It has reached the point of architectural obsolescence,” said Peter Houston, Microsoft’s senior director of Windows Serviceability. “It would be irresponsible to convey a false sense of security by extending public support for this server product.”