Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Hole in Windows Vista and 7 allows remote reboot

08 Sep 2009   #1
LFB

Windows7 Enterprise SP1 x64 (Technet)
 
 
Hole in Windows Vista and 7 allows remote reboot

Quote:
Hole in Windows Vista and 7 allows remote reboot

A vulnerability in Microsoft's implementation of the SMB2 protocol can be exploited via the net to crash or reboot Windows Vista and Windows 7 systems. The root of the problem is an error in how the srv2.sys driver handles client requests when the header of the "Process Id High" field contains an ampersand. The attack does not require authentication; port 445 of the target system merely has to be accessible, which in the default Windows local network configuration, it usually is. SMB2 is an extension of the conventional server message block protocol.
More...


My System SpecsSystem Spec
.
08 Sep 2009   #2
fseal

Windows 7 x64 Ultimate
 
 

Who has SMB open on their net interface?!?



[Edit]

I mean the artical says exploitation over the net, then says the hole is only open by default on the local network interface. :/

You would have to go out of your way to actually make yourself vulnerable to this( from the net).
My System SpecsSystem Spec
08 Sep 2009   #3
Airbot

Windows 7 Ultimate x64 SP1
 
 

This says the Windows 7 RC affected, but not RTM.

Microsoft: Windows 7 not affected by latest flaw | Beyond Binary - CNET News
My System SpecsSystem Spec
.

08 Sep 2009   #4
Zidane24

Windows 7 Home Premium x64 - Mac OS X 10.6.4 x64
 
 

Quote   Quote: Originally Posted by Airbot View Post
Good to know Airbot...some folks like to jump the gun to quickly
My System SpecsSystem Spec
09 Sep 2009   #5
7Dreams

Windows 7 Build 7600 64bit/Ubuntu/Leopard
 
 
Microsoft: Windows 7 not affected by latest flaw

Quote:
Microsoft issued a formal security advisory late Tuesday on a reported zero-day flaw in Windows Vista and Windows Server 2008. However, the software maker also said that the flaw does not affect the final version of Windows 7, contrary to earlier reports.
"Microsoft is investigating new public reports of a possible vulnerability in Microsoft Server Message Block (SMB) implementation," Microsoft said in the advisory. "We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time."
The flaw could allow an attacker to gain control of a system, although Microsoft said that "most attempts to exploit this vulnerability will cause an affected system to stop responding and restart."
The software maker said it is working with security software partners to provide information that can be used to create protections. Once its investigation is wrapped up, Microsoft said it will take action, which could include releasing a patch during its next monthly cycle or doing an "out-of-band" release, if necessary. Tuesday was Microsoft's monthly release for patches, which included five critical Windows updates addressing eight vulnerabilities.
The software maker said the latest issue affects the "release candidate" version of Windows 7, but not the final version that was completed in July. Also, the recently completed Windows Server 2008 R2 is not vulnerable, Microsoft said, nor are the earlier Windows XP and Windows 2000 operating systems.
Microsoft is already dealing with a separate, still unpatched flaw reported last week. Attacks have already been seen based on that vulnerability. Microsoft has taken issue with the fact that that flaw, like the latest one, was reported publicly as opposed to being privately disclosed to Microsoft, giving the company time to patch it.
Source: Microsoft: Windows 7 not affected by latest flaw | Beyond Binary - CNET News
My System SpecsSystem Spec
09 Sep 2009   #6
Zen00

Windows 7 Ultimate x64
 
 

It's a good thing I'm not an important figure or anything, nobody would waste their time attacking my computer.
My System SpecsSystem Spec
09 Sep 2009   #7
Uber Philf

W7 RTM Ultimate x64
 
 

Same here haha :P thats just a tad scarey knowing this :S
My System SpecsSystem Spec
09 Sep 2009   #8
Lebon14

Windows 7 Home Premium x64 SP1
 
 

Only causes reboot? No need to worry then ^_^
My System SpecsSystem Spec
09 Sep 2009   #9
Zidane24

Windows 7 Home Premium x64 - Mac OS X 10.6.4 x64
 
 

Quote   Quote: Originally Posted by Lebon14 View Post
Only causes reboot? No need to worry then ^_^
Except for the feeling of being violated
My System SpecsSystem Spec
10 Sep 2009   #10
logicearth

Windows 10 Pro (x64)
 
 

A properly configured firewall, at least on the router end, blocks remote SMB connections (port 445). Not sure if a consumer router+firewall is set by default to block remote SMB connections (but mine does).
My System SpecsSystem Spec
Reply

 Hole in Windows Vista and 7 allows remote reboot




Thread Tools




Similar help and support threads
Thread Forum
Endless Reboot Loop When Upgrading from Vista to Windows 7
I'm upgrading one of my PCs from Vista Home Premium 64-bit to Windows 7 Home Premium 64-bit. This is from a CD. Everything went great until it restarted itself and this message showed up: "The computer restarted unexpectedly or encountered an unexpected error windows installation cannot...
Installation & Setup
Remote Desktop from W7 to Vista
Hello. I remote desktop from my laptop running W7 Home Premium 64bit to my desktop running Vista Ultimate 64bit. Everything runs alright but the graphic appearance of Vista is not good at all. Would anyone know if this can be optimized somehow - for example by changing default font on Vista? ......
Network & Sharing
RDP how to reboot remote computer - little tip
Hi all not sure if it is commonly known but there is a simple way to re-boot a remote computer when logged on to RDP. CTRL-ALT-DEL doesn't work of course - bit if you press CTRL-ALT-END in the remote session you get the full re-start menu. It's not obvious but sometimes when you need to...
Network & Sharing
BOD on first reboot after install...Vista 32 - Win 7 64
OK...this is not my first rodeo, but dang it, I'm missing something... Wife's laptop...Toshiba Satellite AMD Turion X2 64 bit with 3G ram... Was running Vista Home 32 bit. Clean install of Win 7 64 bit... Gets through all steps, boots up, desktop looks good, install to "important"...
Installation & Setup


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 06:55.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App