Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: exploitability of the most recent Windows BROWSER protocol issue

19 Feb 2011   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
exploitability of the most recent Windows BROWSER protocol issue

Quote:

Earlier this week a PoC exploit for a vulnerability in the BROWSER protocol was released on Full Disclosure. There has been some discussion regarding whether this issue can result in Remote Code Execution (RCE) or is only a Denial of Service (DoS). This blog post provides details on the exploitability based on our internal analysis.

Which systems are vulnerable


All versions of Windows are vulnerable, although the issue is more likely to affect server systems running as the Primary Domain Controller (PDC). In environments following best practices, the BROWSER protocol should be blocked at the edge firewalls thus limiting attacks to the local network.

The BROWSER protocol operates on top of SMB and is used to discover machines and resources on the network. It is implemented as a kernel driver (mrxsmb.sys or bowser.sys, depending on the version of Windows). This vulnerability affects Windows machines that have been configured to (A) use the BROWSER network protocol and (B) that then become Master Browser on the local network. The BROWSER protocol uses an election process to determine which system will act as the “master” in terms of data collection and response handling.
Notes on exploitability of the recent Windows BROWSER protocol issue - Security Research & Defense - Site Home - TechNet Blogs


My System SpecsSystem Spec
.

Reply

 exploitability of the most recent Windows BROWSER protocol issue




Thread Tools





Similar help and support threads
Thread Forum
Clearing Windows 7 Recent Places list (not Recent Items or Programs)
I have searched everywhere on the Internet, including Microsoft Support and Community, for a solution to this problem. I am looking for a way to clear the Recent Places list. I can clear Recent Items. In fact, almost all of the solutions for clearing Recent Places that a search turns up actually...
General Discussion
Frequent BSODs. Recent issue.
So my Windows 7 x64 partition has been BSODing frequently for the past 2 months. BSOD error messages are too vague. No BSODs in safe mode. Was able to do a full defrag in safe mode. Updated graphics driver, didn't help. Windows XP partition is perfectly stable for over a year now, so I doubt it's...
BSOD Help and Support
CIFS Browser Protocol Heap Corruption Vulnerability
My Sweet Valentine - the CIFS Browser Protocol Heap Corruption Vulnerability - Microsoft Malware Protection Center - Site Home - TechNet Blogs
Security News
Recent W7 repair install issue
For reasons in another thread I today did a W7 repair install. This has left my SSD drive which had 15.6gb free space out of 59.6gb now has only 12gb flat. Question is has this repair doubled up on certain windows files with which I can delete now? Is there a method which can assure removal of only...
Installation & Setup
router issue causes hanging browser - could it be a Windows 7 update?
Does anyone know if a recent Windows 7 update might have contained a glitch that is causing my router to misfunction? This is a D-Link DI-624M wired router for just new PCs (a few months old, both with Windows 7, 64-bit) and almost from the start I have constant IP configuration problems (at...
Network & Sharing
Interesting connectivity issue, just a browser issue
Opps, maybe not so unique since I just noticed an ENTIRE forum for browsers...perhaps moving this is appropriate...if so, please do. I will be reading up in there. Its interesting because I can't find any mention of it anywhere on this site. Specifically browser connectivity is lost after a...
Network & Sharing

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 14:59.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App