Microsoft discovers Windows 7 zero-day flaw

17 November 2009

Microsoft has discovered a zero-day denial of service vulnerability in the Server Message Block (SMB) protocol used in Windows 7.

The vulnerability in Windows 7 is due to inadequate field validation within the SMB protocol, which is used to share files across Windows networks. Specially crafted packets could be used to stop a user's system from responding until it was manually restarted, Microsoft explained.

One way that the vulnerability could be exploited is via web transactions. An attacker could host a web page containing a specially crafted URI, Microsoft said. Browsing to the site would cause the user's system to open an SMB connection to a server controlled by the attacker, which would then send a malicious response.

The vulnerability, for which attack code has already been written, affects both 32-bit and 64-bit versions of Windows 7, along with Windows Server 2008 R2.

Workarounds involve blocking TCP ports 139 and 445 at the firewall, along with blocking all SMB communications to and from the internet. However, this could cause some applications relying on SMB to stop working.
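One way to check that this workaround is actually in force, as an added example that is not from the article or from Microsoft: the script below flags allowed TCP 139/445 flows that cross the internet boundary in either direction. The CSV flow-record layout, the RFC 1918 internal ranges and the sample records are assumptions constructed for illustration.

```python
import csv
import io
import ipaddress

SMB_PORTS = {139, 445}  # TCP ports named in the workaround
# Assumption: the internal address space is RFC 1918; adjust for your site.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample records (documentation-range external addresses), not real traffic.
SAMPLE_FLOWS = """\
src,dst,dport,proto,action
10.0.4.17,10.0.1.5,445,tcp,allow
10.0.4.17,203.0.113.40,445,tcp,allow
10.0.4.22,198.51.100.9,139,tcp,deny
198.51.100.77,192.168.10.3,139,tcp,allow
10.0.4.17,203.0.113.40,443,tcp,allow
172.16.2.8,203.0.113.40,445,udp,allow
"""

def is_internal(addr):
    """True if addr falls inside one of the assumed internal networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def smb_perimeter_gaps(flow_csv):
    """Return allowed TCP 139/445 flows that cross the internet boundary."""
    gaps = []
    for row in csv.DictReader(io.StringIO(flow_csv)):
        if row["proto"].lower() != "tcp" or int(row["dport"]) not in SMB_PORTS:
            continue
        if row["action"].lower() != "allow":
            continue  # already blocked: the workaround holds for this flow
        src_in, dst_in = is_internal(row["src"]), is_internal(row["dst"])
        if src_in == dst_in:
            continue  # does not cross the perimeter, so outside the workaround's scope
        direction = "outbound" if src_in else "inbound"
        gaps.append((direction, row["src"], row["dst"], int(row["dport"])))
    return gaps

if __name__ == "__main__":
    for gap in smb_perimeter_gaps(SAMPLE_FLOWS):
        print("SMB allowed across perimeter: %s %s -> %s:%d" % gap)
```

Internal-to-internal SMB is deliberately left alone, which reflects the trade-off noted above: file sharing inside the network keeps working while internet-facing SMB is blocked.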
