The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

SMB Zero-Day affects Windows 8, 10 and Server

2017-02-03 16:04 by
Tags: , ,

 

A new vulnerability in SMB protocol may be exploited to inject and execute malicious code on Windows computers. SMB is a protocol widely used to connect Windows clients and servers.

The bug affects several Windows OS versions, such as Windows 10, 8.1, Server 2012, and Server 2016. It has been discovered by researcher Laurent Gaffie.

"This bug can be used to trigger a reboot on a given target, it can be either local (via netbios, llmnr poisoning) or remote via a UNC link (example: adding an image with a link: \\attacker.com\file.jpg in an email)," Gaffie said. "It's important to note that this trivial bug should have been caught immediately by their SDLC process, but surprisingly it was not. This means that the new code base was simply not audited or fuzzed before shipping it on their latest operating systems."

Microsoft is aware and considers the vulnerability a remotely triggered denial-of-service bug, low-risk. No patches are currently available, but mitigations include blocking outbound SMB connections (TCP ports 139 and 445 and UDP ports 137 and 138) from the local network to the wide-area network.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About