The vulnerability in Windows 7 is due to inadequate field validation within the SMB protocol, which is used to share files across Windows networks. Specially crafted packets could be used to stop a user's system from responding until it was manually restarted, Microsoft explained.
One way that the vulnerability could be exploited is via web transactions. An attacker could host a web page containing a specially crafted URI, Microsoft said. Users browsing the site could force an SMB connection to a server controlled by the attacker, which would then send a malicious response.
The vulnerability, for which attack code has already been written, affects both 32-bit and 64-bit based versions of Windows 7, along with Windows server 2008 R2.
Workarounds involve blocking TCP ports 139 and 445 at the firewall, along with blocking all SMB communications to and from the internet. However, this could cause some applications relying on SMB to stop working.