Windows File-Sharing Zero-Day Allows for PC Takeover

Windows File-Sharing Zero-Day Allows for PC Takeover

A new security vulnerability involving the Server Message Block protocol, used for Windows file-sharing, can allow a remote attacker to take control of a vulnerable Vista, Server 2008 or Windows 7 RC computer, in addition to causing it to crash as previously reported.

Security researchers found that the bug could be hit to cause the venerable Blue Screen of Death computer crash if a PC has file sharing enabled. But in Security Advisory 975497, released yesterday, Microsoft wrote that "an attacker who successfully exploited this vulnerability could take complete control of an affected system. Most attempts to exploit this vulnerability will cause an affected system to stop responding and restart."

A hole that allows for assuming control of a computer from across a network is about as bad as it gets, and I've asked for confirmation from Microsoft that this is in fact possible with this SMB flaw. Windows XP, 2000 and Server 2008 R2 are not at risk, nor is Windows 7 RTM.

More ...

Thanks Nigel ... Nice Catch

I have a few RSS feeds that give me this sort of info on a regular basis - I've been a bit busy so not been checking them as often as I should - and when I do they're out of date

Will try to post more - good security will defeat most but it's useful to know what's about to better help others :)

Good to know we are safe then.

~Lordbob

When I'm asked by a client what is the best defence against malware, I tend to point them to the nearest mirror .

Most malware infections have a significant user contribution.

Good computing practices in tandem with the tools now available are an effective defence against even Zero Day Exploits