Vulnerability in Server Message Block 2 could be used to hijack PCs; flaw doesn't affect Windows 7 or Server 2008 R2 RTMs, or older versions like 2000 and XP
Microsoft late Tuesday confirmed that a bug in Windows Vista, Windows Server 2008, and the release candidates of Windows 7 and Windows Server 2008 R2, could be used to hijack PCs.
The vulnerability in SMB (Server Message Block) 2, a Microsoft-made network file- and print-sharing protocol that ships with Windows, was first disclosed late Monday, when a researcher posted exploit code he claimed crashed Windows Vista and Windows 7 systems, causing the dreaded "Blue Screen of Death."
[ Some experts say Microsoft may be forced to rush out emergency patches later this month. | Are you up to snuff in your security regimen? Get your defenses in tip-top shape with InfoWorld’s Security Boot Camp, a 20-lesson course via e-mail that begins Sept. 21. | Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]
Later in the day, several researchers, including Tyler Reguly, a senior security engineer of nCircle Network Security, vouched that tests showed the attack code crashed machines running Vista, Server 2008 and the Windows 7 and Server 2008 R2 release candidates, but not the final, or RTM, versions of the latter two. Also on Tuesday, another researcher, Ruben Santamarta , said on the Bugtraq mailing list that the vulnerability was not only a denial-of-service flaw, but also allowed remote code execution, security-speak for a bug that could be used to jack a machine.
In a security advisory issued around 9 p.m. ET Tuesday, Microsoft corroborated both Reguly's and Santamarta's findings.
"An attacker who successfully exploited this vulnerability could take complete control of an affected system," Microsoft's advisory said. "Most attempts to exploit this vulnerability will cause an affected system to stop responding and restart."
Microsoft also noted that while the release candidates of Windows 7 and Windows Server 2008 R2 are vulnerable, the RTM, or release to manufacturing, editions are not.
The RTM versions of Windows 7 and Windows Server 2008 R2 are the ones that were handed over to computer makers in late July, and issued to volume license customers, and some developers and IT professionals in early August.
The release candidates, on the other hand, have been widely distributed, with millions of users downloading Windows 7 RC during the three and a half months it was available to the public.
"This vulnerability was reported after the release of Windows 7 Release Candidate," Microsoft's advisory noted. "Customers running this platform are encouraged to review this advisory and follow the steps listed here."
For full story:
http://www.infoworld.com/d/security-cen ... rc-bug-954