Windows File-Sharing Zero-Day Allows for PC Takeover
A new security vulnerability involving the Server Message Block protocol, used for Windows file-sharing, can allow a remote attacker to take control of a vulnerable Vista, Server 2008 or Windows 7 RC computer, in addition to causing it to crash as previously reported.
Security researchers found that the bug could be triggered to cause the venerable Blue Screen of Death crash on a PC that has file sharing enabled. But in Security Advisory 975497, released yesterday, Microsoft wrote that "an attacker who successfully exploited this vulnerability could take complete control of an affected system. Most attempts to exploit this vulnerability will cause an affected system to stop responding and restart."
A hole that allows for assuming control of a computer from across a network is about as bad as it gets, and I've asked for confirmation from Microsoft that this is in fact possible with this SMB flaw. Windows XP, 2000 and Server 2008 R2 are not at risk, nor is Windows 7 RTM.