James Delahunty
8 Sep 2009 23:20
Concept code has been published that takes advantage of an unpatched vulnerability in Microsoft's implementation of Server Message Block (SMB), which is a protocol used in File and Printer sharing over a network. Microsoft's Windows Vista, Windows Server 2008 and Windows 7 are all currently affected by the unpatched vulnerability, while Windows 2000 and Windows XP are not affected by it at all.
The concept exploit uses the flaw to force Windows machine into the infamous Blue Screen of Death (BSOD). According to security researchers at the Internet Storm Center (ISC), the problem is defeated by using basic firewall protection. "The exploit needs no authentication, only file sharing enabled with one packet to create a BSOD," ISC researchers warn. "We recommend filtering access to port TCP 445 with a firewall."
Microsoft issued a number of security updates during the day to address some serious vulnerabilities in the Windows operating systems. The SRV2.SYS (SMB) file vulnerability that can cause a BSOD was not included, likely due to the timing of the exploit code's release, but Microsoft did reveal that it is investigating the issue.