Tuesday, November 17, 2009

Advisory Windows 7 Security Bug

Microsoft releases an advisory to help users concerned about a new zero-day vulnerability affecting Windows 7 and Windows Server 2008 R2. The bug was made public last week after Patch Tuesday.

Microsoft released a security advisory to help users mitigate a bug affecting Windows 7 and Windows Server 2008 Release 2.

The security vulnerability was reported last week by researcher Laurent Gaffie and can be exploited to remotely trigger a denial-of-service condition in Windows 7 and Windows Server 2008 R2. Gaffie posted proof-of-concept code to the Full Disclosure mailing list and his personal blog last week.

The bug he uncovered lies within the Server Message Block (SMB) protocol and affects SMB versions 1 and 2, the advisory states. SMB is the file-sharing protocol used by default on Windows-based computers.

According to Microsoft, users can block TCPports 139 and 445 at the firewall to defend themselves against exploits. Instructions on how to do that are contained within the advisory. Several Windows services use the affected ports, so blocking connectivity to the ports may cause various applications or services to stop functioning, Microsoft warned.

Read the full story

No comments: