kemical
Essential Member
- Joined
- Aug 28, 2007
- Messages
- 36,176
- Thread Author
- #1
A WINDOWS 7 zero day exploit has been spotted just a day after the operating system was declared risk free in Microsoft's monthly security bulletin.
The newly found bug was discovered by Laurent Gaffie and details were posted on the Full Disclosure mailing list.
The Vole is investigating the reported flaw which basically crashes a Windows 7 system when exploited.
It is caused by a flaw in the Server Message Block (SMB) protocol that forms the backbone of Windows file sharing. When triggered, the flaw results in an infinite loop that renders the computer useless, or at least more useless than it was before when Windows was still running.
The vulnerability hits Windows 7 and Windows Server 2008 R2. There are a couple different proof-of-concept exploits circulating but nothing so far that indicates the flaw is being attacked.
Crashing the system is not really much good for hackers and the flaw does not provide any unauthorized remote access that could lead to compromising information or performing other malicious activities.
A work-around to fix the problem involves blocking TCP ports 135 through 139 along with port 445, which stops SMB traffic from entering the network.
All fairly minor and unlikely, still it does rain on the Vole's parade a little. On Tuesday it was proudly saying there were no security bugs in Windows 7 and now it has to admit that there is one, even if it is no big deal.
Link Removed - Invalid URL
The newly found bug was discovered by Laurent Gaffie and details were posted on the Full Disclosure mailing list.
The Vole is investigating the reported flaw which basically crashes a Windows 7 system when exploited.
It is caused by a flaw in the Server Message Block (SMB) protocol that forms the backbone of Windows file sharing. When triggered, the flaw results in an infinite loop that renders the computer useless, or at least more useless than it was before when Windows was still running.
The vulnerability hits Windows 7 and Windows Server 2008 R2. There are a couple different proof-of-concept exploits circulating but nothing so far that indicates the flaw is being attacked.
Crashing the system is not really much good for hackers and the flaw does not provide any unauthorized remote access that could lead to compromising information or performing other malicious activities.
A work-around to fix the problem involves blocking TCP ports 135 through 139 along with port 445, which stops SMB traffic from entering the network.
All fairly minor and unlikely, still it does rain on the Vole's parade a little. On Tuesday it was proudly saying there were no security bugs in Windows 7 and now it has to admit that there is one, even if it is no big deal.
Link Removed - Invalid URL
