Microsoft has promised to patch a flaw in Windows Vista and 7 that could allow hackers to take complete control of the machine.
The company was alerted to the flaw after security researcher Laurent Gaffie produced exploit code which showed how Microsoft's SMB2 network file and print-sharing protocol could be hacked to allow attackers to hijack the machine.
The exploit was initially used to bring on the dreaded blue screen of death, however Microsoft later admitted that it could also be used to remotely execute malicious code on vulnerable machines.
"An attacker who successfully exploited this vulnerability could take complete control of an affected system," says Microsoft's advisory. "Most attempts to exploit this vulnerability will cause an affected system to stop responding and restart."
Versions of Windows older than Vista do not use SMB2 and remain unaffected by the threat. Microsoft also claims that while the release candidates of Windows 7 and Windows Server 2008 R2 are vulnerable, RTM editions are not.
Microsoft claims it is working on a patch, but has not confirmed when it will be made available. Until then, the company is recommending that users disable SMB2 by editing the Windows Registry. If that's beyond you, it also suggests blocking TCP ports 139 and 445 at the firewall.
This latter method will also bring several important services and applications, including the browser, screeching to a halt, Microsoft admits.
The flaw is the second embarrassing vulnerability the company is being forced to deal with. Earlier in the month, Microsoft admitted it was investigating a critical vulnerability in Internet Information Services (IIS) server, after a hacker posted exploit code to the milw0rm.com site.
Comments :
Post a Comment