WatchGuard Wire
Improve Your Security IQ
Microsoft confirms a minor Windows 7 DoS Vulnerability
18
November 09 -- In a recent security
advisory, Microsoft confirmed the existence of a minor Denial of Service
(DoS) vulnerability in the SMB2 service that ships with their
latest operating systems, Windows 7 and Windows Server 2008 R2. A
security researcher named Laurent Gaffie first discovered and
reported this vulnerability in this FullDisclosure
mailing-list post. By sending a specially crafted SMB message, an
attacker could exploit this flaw to crash your Windows 7 or Server 2008
R2 computer. You'd have to reboot the machine to recover.
Unfortunately, Gaffie also posted a proof-of-concept exploit that
leverages this flaw.
In the scheme of things, this vulnerability probably does not pose
to severe a risk -- primarily because most administrators block SMB
traffic with their gateway firewall. In most cases, Internet-based
attackers will not be able to exploit this flaw against you. That said,
DoS flaws on servers do pose some risk, since server uptime is
important to many businesses.
Microsoft hasn't had time to patch this flaw yet, but I expect they
might try to release an update by next Patch Day, on December 8. Until
then, your properly configured firewall (hopefully, a WatchGuard
Firebox) will protect you from external attacks leveraging this flaw. --
Corey
Nachreiner,
CISSP
Copyright© 2010 WatchGuard® Technologies, Inc. You may copy and distribute this article freely in any medium as long as you copy and distribute the entire article without change and preserve this copyright statement and notice.
|
