Malware City/Blog/

Sep
10
Filed Under:
ALERTS

SMB 2.0 Flaw Triggers BSOD

10 September 2009
Vista, Windows 7 Vulnerability Unpatched Yet Security researcher Laurent Gaffie published on his blog details and a proof of concept of an attack using an unpatched vulnerability in Windows SMB 2.0 file servers .

The published code can be used to crash ( as in BSOD ) any Windows Vista or later Windows OS which has the SMB service enabled and accessible - that is, pretty much any machine in the same home or corporate network as the attacker.

Researcher Ruben Santamarta, who has also studied the issue, warns that the flaw may also be exploited to gain control over affected machines, albeit not in a reliable manner. Exploit code has not been published so far.

There is no patch for this vulnerability as yet.


UPDATE:

Microsoft has published an advisory , stating that, contrary to earlier reports, Windows 7 and Windows 2008 RC2 are not vulnerable. The RC Windows 7 version is, though.

The advisory recommends blocking ports on the perimeter firewall and disabling SMB on the internal network (which is a polite way of saying there is no fix yet).






By Razvan Stoica
Razvan Stoica is a journalist turned teacher turned publicist and technology evangelist. When BitDefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking.

Related

12-08-2009 | WordPress admin accounts at risk, no fix available

27-07-2009 | Fake eBay Confirmation Form

23-07-2009 | Watch Harry Potter and the Half-Blood Prince On-line Free?

23-07-2009 | The Spam Omelette #34

Comment on this

Name:

Email:

Website:

Your email adress will not be published.