Jump to content
Login new information ×
Login new information
Donations campaign phase one 2024

Microsoft probing Windows 7 zero-day hole

DKT27

By DKT27
in Security & Privacy News

Recommended Posts

  • Administrator
DKT27

DKT27

Posted
  • Administrator
Posted

Microsoft probing Windows 7 zero-day hole

Microsoft said on Wednesday it is looking into a report of a vulnerability in Windows 7 and Server 2008 Release 2 that could be used by an attacker to remotely crash the computer.

The company is investigating claims of a "possible denial-of-service vulnerability in Windows Server Message Block (SMB)," the Microsoft spokesperson said, adding that the company was unaware of any attacks trying to exploit the hole.

The bug triggers an infinite loop on the Server Message Block (SMB) protocol used for sharing files in Windows, researcher Laurent Gaffié wrote in a posting on the Full-Disclosure mailing list and on a blog.

"Whatever your firewall is set to, you can get remotely smashed via IE or even via some broadcasting NBNS [NetBIOS Naming Service] tricks," Gaffié wrote.

Gaffié also posted proof-of-concept code for the "Windows 7, Server 2008R2 Remote Kernel Crash."

On Tuesday, Microsoft issued six patches to fix 15 vulnerabilities, including a critical hole in the Windows kernel, as part of November's Patch Tuesday.

Source

Link to comment
Share on other sites
  • Replies 1
  • Views 1.1k
  • Created
  • Last Reply
  • Administrator
DKT27

DKT27

Posted
  • Author
  • Administrator
Posted

Microsoft patching zero-day Windows 7 SMB hole

Microsoft on Friday said it is working on a fix for a vulnerability in the Server Message Block file-sharing protocol in Windows 7 and Windows Server 2008 Release 2 that could be used to remotely crash a computer.

The software giant had said on Wednesday that it was looking at the bug, discovered by researcher Laurent Gaffi?, who published proof-of-concept code on a blog.

"Microsoft is aware of public, detailed exploit code that would cause a system to stop functioning or become unreliable. If exploited, this [denial-of-service] vulnerability would not allow an attacker to take control of, or install malware on, the customer's system but could cause the affected system to stop responding until manually restarted," Dave Forstrom, group manager for public relations at Microsoft Trustworthy Computing, said in a statement. "It is important to note that the default firewall settings on Windows 7 will help block attempts to exploit this issue."

Microsoft is not aware of attacks to exploit the hole at this time, he said.

In an advisory, Microsoft criticized the way Gaffi? handled the discovery.

"Microsoft is concerned that this new report of a vulnerability was not responsibly disclosed, potentially putting computer users at risk," the advisory said. "We continue to encourage responsible disclosure of vulnerabilities."

The advisory suggests that customers block Transmission Control Protocol, or TCP, ports 139 and 445 at the firewall, as a workaround until a patch is ready.

Source

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...