New flaw can crash Windows Vista and Server 2008 remotely (Updated)

By Emil Protalinski.

Redmond is investigating reports that a newly discovered flaw in Microsoft's implementation of the Server Message Block 2 (SMB2) protocol, an extension of the conventional server message block protocol, can be exploited to remotely crash and restart computers running Windows Vista or Windows 7. The attack does not require authentication, but port 445 of the target system must be open, and on Windows it is open by default. Laurent Gaffié, who discovered the vulnerability, has contacted Microsoft, noting that the only solution he can think of is to turn off the SMB feature and close port 445.

Article link -
New flaw can crash Windows Vista and Server 2008 remotely (Updated) - Ars Technica
 
Click to expand...
Re: Microsoft Security Response Centre; MS Security Advisory 975497 Released.

MSRC have released details of Security Advisory 975497, here;


The Microsoft Security Response Center (MSRC) : Microsoft Security Advisory 975497 Released

...and expanded further with details of;

Microsoft Security Advisory (975497); Vulnerabilities in Microsoft SMB (Server Message Block) Could Allow Remote Code Execution.

This advisory is detailed, with information about affected and unaffected software. This is an extract from the advisory, of some of the affected software;

Affected Software; Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2

Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
The advisory also has extensive information on workarounds for the vulnerability. It is stressed that the workarounds do not provide a solution for the issue, but can afford some interim security by helping to block known attack sources, before an update to fix the problem, is issued. These details can be read by clicking onto "Advisory 975497" in the first sentence of the advisory.
 
Last edited:

My Computer

System One

  • Manufacturer/Model
    Acer Aspire Notebook 5633WLMi.[5630 Series]
    CPU
    Intel Centrino Duo Processor - Intel Core 2 CPU.
    Memory
    4GB DDR2 [3.07GB maximum real available]
    Graphics Card(s)
    nVidia GeForce Go 7300, 128MB
    Sound Card
    Realtek HD Audio, Ver. 6.0.1.5717, 2.08MB
    Monitor(s) Displays
    Acer Aspire Notebook - 15.4"; Acer LCD Monitor X223Wsd - 22".
    Screen Resolution
    1280x800x60Hertz [max.]
    Hard Drives
    Notebook - Samsung HM320JI 320GB HD installed 07 August 2009.
    External HDs [4];Maxtor One Touch4 - 500GB External HD [Drive M:\].Western Digital WDXMS1200TA - 120GB External HD [Drive G:\ - Windows Defender Backup Files only]. Two x LaCie 320GB Mobi
    Mouse
    Logitech Wireless V320 for Notebooks - Model M/N: M-RCD125
    Internet Speed
    Down 20000kb/sec / Up 1000kb/sec [Bigpond-Aus]
    Other Info
    Brother MFC-465CN; PC to Fax/Scan/Copy/Photo MFC. Epson Perfection V300 Photo Scanner. Siemens Speedstream 6520 Router. Wacom 'Bamboo Fun' CTE-650 PC Tablet, Stylus and Mouse. UAC - On;Activated. Browsers; [1] FireFox v3.6[2] IE8. Honorary R.S.M. to the 4th [Assault Pioneer] Troop Pune Sepoys , and 3rd Troop Jodhpur Bengali Lancers.
You must log in or register to reply here.
Back
Top