Security experts warned Tuesday that a vulnerability in Microsoft's implementation of the SMB2 protocol can be exploited via the net to crash or reboot Windows Vista and Windows 7 systems.
An exploit written in Python is already available and being tested by security experts. Initial tests by heise security indicate the exploit enabled a remote reboot of a Vista system. However, in the test, the exploit had no apparent effect on a computer running Windows 7 RTM.
Microsoft has yet to acknowledge the issue and release an official update. The only current workaround is to close the SMB ports by un-ticking the boxes for file and printer access in the firewall settings.
Update: Microsoft has confirmed that Windows 7 RC is affected by the flaw but Windows 7 RTM is not.
84 Comments - Add comment