Found it
I found it...
First Windows 7 zero day exploit is spotted
You probably were not expecting this
By
Link Removed - Invalid URL
Friday, 13 November 2009, 11:42
A WINDOWS 7 zero day exploit has been spotted just a day after the operating system was declared risk free in Microsoft's monthly security bulletin.
The newly found bug was discovered by Laurent Gaffie and details were posted on the
Full Disclosure mailing list.
The Vole is investigating the reported flaw which basically crashes a Windows 7 system when exploited.
It is caused by a flaw in the Server Message Block (SMB) protocol that forms the backbone of Windows file sharing. When triggered, the flaw results in an infinite loop that renders the computer useless, or at least more useless than it was before when Windows was still running.
The vulnerability hits Windows 7 and
Windows Server 2008 R2. There are a couple different proof-of-concept exploits circulating but nothing so far that indicates the flaw is being attacked.
Crashing the system is not really much good for hackers and the flaw does not provide any unauthorized
remote access that could lead to compromising information or performing other malicious activities.
A work-around to fix the problem involves blocking TCP ports 135 through 139 along with port 445, which stops SMB traffic from entering the network.
All fairly minor and unlikely, still it does rain on the Vole's parade a little. On Tuesday it was proudly saying there were no security bugs in Windows 7 and now it has to admit that there is one, even if it is no big deal.
Link Removed - Invalid URL