Update:
Kernel Smash vulnerability being investigated. (IMG: J.Anderson)
Microsoft has issued a statement and published an advisory about the problems in the SMB protocol.
"Microsoft is aware of public, detailed exploit code that would cause a system to stop functioning or become unreliable. If exploited, this DoS vulnerability would not allow an attacker to take control of, or install malware on, the customer’s system but could cause the affected system to stop responding until manually restarted. It is important to note that the default firewall settings on Windows 7 will help block attempts to exploit this issue," the statement read in part.
"The company is not aware of attacks to exploit the reported vulnerability at this time. While Microsoft is not currently aware of active attacks, the company recommends customers review and implement the workarounds outlined in the advisory until a comprehensive security update is released. Microsoft continues to encourage the responsible disclosure of vulnerabilities to ensure customers receive comprehensive, high-quality updates without exposure to attack."
The advisory (977544) is here.
Original Article:
Not 24 hours after Microsoft released its monthly security patches, none of which affected Windows 7, one researcher has discovered a vulnerability in the newest member of the Microsoft family that, if exploited, will lead to a Denial-of-Service. If that wasn’t bad enough, the vulnerability will work on Server 2008 R2 as well.
Calling the discovered flaw “noob,” researcher Laurent Graffie said in a blog post that it should have been spotted years ago. “The bug is so noob, it should have been spotted 2 years ago by the SDL if the SDL had ever existed.”
“Whatever your firewall is set to, you can get remotely smashed via IE or even via some broadcasting NBNS tricks (no user interaction). How funny,” Graffie added.
The bug itself, which Graffie and others agree should have been caught during the QA process, will trigger an infinite loop on SMB (Server Message Block). Going into more detail, the crash itself is caused by sending a NetBIOS header that specifies that the file size for the SMB packet header is four bytes smaller or larger than it actually is, explained Simon Price on the Praetorian Prefect blog.
“The Operating System actually freezes. There is no error message, no blue screen of death, no indication that anything has gone wrong. Even after power cycling, the event logs show no sign of a mishap, aside from the typical events generated from booting up again,” said Price.
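As an added example (not from the original article or from either researcher), the following Python check flags the framing condition Price describes: a NetBIOS session header whose declared length disagrees with the SMB bytes that actually follow. It assumes direct SMB over TCP framing (one zero type byte followed by a 24-bit big-endian length) and that each input is one fully reassembled message taken from a capture; the function names, verdict strings and sample frames are constructed for illustration.

```python
from typing import List, NamedTuple, Tuple

SMB_MAGICS = (b"\xffSMB", b"\xfeSMB")  # SMB1 and SMB2 protocol identifiers


class FrameCheck(NamedTuple):
    declared: int  # length claimed by the 4-byte NetBIOS session header
    actual: int    # bytes that really follow the header
    delta: int     # declared - actual
    verdict: str


def check_frame(frame: bytes) -> FrameCheck:
    """Compare the declared NetBIOS length with the real payload size."""
    if len(frame) < 4:
        return FrameCheck(0, 0, 0, "truncated-header")
    declared = int.from_bytes(frame[1:4], "big")
    actual = len(frame) - 4
    delta = declared - actual
    if frame[0] != 0x00:
        verdict = "not-session-message"
    elif frame[4:8] not in SMB_MAGICS:
        verdict = "not-smb"
    elif delta == 0:
        verdict = "consistent"
    elif abs(delta) == 4:
        verdict = "length-off-by-4"  # the mismatch described in the article
    else:
        verdict = "length-mismatch"
    return FrameCheck(declared, actual, delta, verdict)


def sample(payload_len: int, declared: int) -> bytes:
    """Constructed test frame: header, SMB magic, zero padding (not a real SMB message)."""
    return b"\x00" + declared.to_bytes(3, "big") + b"\xffSMB" + bytes(payload_len - 4)


def suspicious(frames: List[bytes]) -> List[Tuple[int, FrameCheck]]:
    """Return (index, result) for every frame whose declared length is wrong."""
    results = [(i, check_frame(f)) for i, f in enumerate(frames)]
    return [(i, r) for i, r in results if r.verdict.startswith("length")]


if __name__ == "__main__":
    frames = [sample(36, 36), sample(36, 40), sample(36, 32)]  # constructed inputs
    for idx, res in suspicious(frames):
        print(f"frame {idx}: declared={res.declared} actual={res.actual} -> {res.verdict}")
```

A declared length larger than the captured payload also shows up when a capture is truncated or a message was not fully reassembled, so treat a hit as a triage signal to confirm against the full TCP stream.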
Microsoft says it is investigating the problem, and a fix is likely to be held for the first service pack releases for Windows 7 and Server 2008 R2. The company has made no other comments since then.
We’ll keep updating this story as more information becomes available.