17
Sep
2009
Serious security bug found in Windows Vista
By IPSECS Admin. Posted in Exploitation, News | No Comments »An independent security consultant publicized this week the details to a critical flaw in the server message block version 2 (SMB2) component of Microsoft’s Windows Vista, Windows Server 2008, and the release candidate for Windows 7.
The researcher, Laurent Gaffié, claimed in his advisory that the vulnerability causes a Blue Screen of Death, a pernicious crash on Windows system, but other researchers have subsequently concluded that the flaw is actually remotely exploitable, a more serious issue.
Microsoft acknowledged the flaw on Tuesday in an advisory. The flaw does not affect the latest version of Windows 7, Windows Server 2008 R2, nor Windows XP, the company stated. Microsoft took the researcher to task for disclosing the information before it fixed the security issue.
Yet, Gaffié argued that the disclosure was fair. The software company should have done more software quality assurance (SQA) on the networking components, he said in an e-mail interview with SecurityFocus. If they did, they would have easily found the issue — it took his fuzzer only 15 packets to crash the component, he said.
“So I personally think the one who has been irresponsible is Microsoft for shipping this driver on any Server 2008, Vista, and Windows 7 (system) without doing any SQA and security review,” he responded.
Gaffié said he notified the company, but had a typo in the e-mail address.
The flaw was disclosed on Monday, the day before Microsoft’s regularly scheduled patch day. The software giant issued five patches for eight vulnerabilities, including three flaws in the company’s TCP/IP networking stack. Other flaws affected Windows’ Javascript engine and its Windows Media components.
While Microsoft has not released a fix for the issue, the software giant recommended that administrators disable SMB version 2 or block the specific TCP ports (139 and 445) used by the file-sharing feature.
Source : http://www.securityfocus.com/brief/1009
IPSECS Admin is
Email this author | All posts by IPSECS Admin | Subscribe to Entries (RSS)