Microsoft rushes out quick fix for SMB flaw

By

Issue affects Vista and Windows Server 2008 users.

Microsoft has raced to ship a one-off workaround for the Server Message Block (SMB) v2 vulnerability disclosed earlier this week, in order to mitigate the risk of users’ Vista or Windows Server 2008 products being hacked.

The one-click fix, which was added to a Microsoft security advisory, has been designed to provide users’ machines with temporary respite from any remote code execution attacks targeting the known vulnerability, by disabling SMBv2 and then stopping and starting the Server service.

However, Redmond warned that disabling SMBv2 may slow down SMB connections between Windows Vista and Windows Server 2008 machines.

The firm also confirmed that the exploit code developed for the vulnerability by penetration testing firm Immunity does indeed work. “It works reliably against 32-bit Windows Vista and Windows Server 2008 systems,” said Microsoft in a posting on its Security Research and Defense blog.

"The exploit gains complete control of the targeted system and can be launched by an unauthenticated user.”

As with other security issues brought to light by researchers, such as the disclosure of IIS vulnerabilities recently, Microsoft is again holding the line that customers may have been put at unnecessary risk by the irresponsible way such vulnerabilities were disclosed.

“We continue to encourage responsible disclosure of vulnerabilities,” wrote the firm in its accompanying security advisory.

“We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests.”

Microsoft rushes out quick fix for SMB flaw
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas obtains court order to prevent third-party access to stolen data

Qantas obtains court order to prevent third-party access to stolen data

Cloudflare makes changes to avoid repeat of 1.1.1.1 DNS outage

Cloudflare makes changes to avoid repeat of 1.1.1.1 DNS outage

Researchers demo AI-crippling GPUHammer attack

Researchers demo AI-crippling GPUHammer attack

Log In

  |  Forgot your password?