Microsoft Issues Advisory on Windows 7 Security Bug
Microsoft released a security advisory to help users mitigate a bug affecting Windows 7 and Windows Server 2008 Release 2.
The security vulnerability was reported last week by researcher Laurent Gaffie and can be exploited to remotely trigger a denial-of-service condition in Windows 7 and Windows Server 2008 R2. Gaffie posted proof-of-concept code to the Full Disclosure mailing list and his personal blog last week.
The bug he uncovered lies within the Server Message Block (SMB) protocol and affects SMB versions 1 and 2, the advisory states. SMB is the file-sharing protocol used by default on Windows-based computers.
According to Microsoft,
users can block
"Microsoft is aware of public, detailed exploit code that would cause a system to stop functioning or become unreliable," Dave Forstrom, group manager of public relations for Microsoft Trustworthy Computing, said in a statement. "If exploited, this DoS vulnerability would not allow an attacker to take control of, or install malware on, the customer's system but could cause the affected system to stop responding until manually restarted. It is important to note that the default firewall settings on Windows 7 will help block attempts to exploit this issue."
According to the advisory, the issue can be exploited through Web transactions regardless of browser type.
"In a Web-based attack
scenario, an attacker would have to host a Web page that contains a specially
"In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability," the advisory continues." An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince them to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes them to the attacker's site."
Microsoft noted that the vulnerability is unrelated to MS09-050, which addressed three security issues affecting SMB Version 2.