First Windows 7 Zero-Day Exploit Airs, But Danger Isn't Great For Most
November 13, 2009 9:15 AM
Problems with SMB have persisted since Windows 7's RC phase
Windows 7 is arguably much more secure than its predecessor, Windows Vista, with
more robust memory protections
against attacks and with the wide availability of Microsoft's free antivirus suite,
Microsoft Security Essentials
. Many possibly exploitable vulnerabilities were found and removed during the unprecedented public testing phase as well.
However, challenges remain for Windows 7. A recent report found that the OS's UAC was less robust than Vista's and allowed
7 of 10 pieces of malware
to be freely installed. Now, following Microsoft's monthly Patch Tuesday a familiar problem has returned.
The Windows SMB (Server Message Block) protocol has had problems ever since the discovery during the OS's public testing phase of a
supposedly show-stopping bug
that could, according to some sources, cause Windows 7 to blue screen. Now another SMB bug, which throws Windows 7 into an infinite loop forcing a reset, has reared its ugly head.
The bug was publicized by researcher Laurent Gaffie on the
Full Disclosure mailing list
Tyler Reguly, Lead Security Research Engineer of security firm nCircle, the vast majority of home users are unlikely to be threatened by the bug. The bug's main route of attack occurs when you type in the IP of a server in the search box and accidentally navigate to a Windows Share on a malicious server. As most casual users are unlikely to have a clue how to navigate to server shares or even know what server shares are, chances are they won't be affected.
The vulnerability applies to both Windows 7 and Windows Server 2008 R2. Currently there are no reports of attacks in the wild, but proof-of-concept attacks have been aired. One key thing that makes this bug unlikely to be largely used by hackers is that it is unable to grant any sort of system access and can, in essence, only be used to create annoyance -- forcing the user to reset their machine.
It is also extremely easy to block external SMB traffic to rule out the chance of it swamping your machine. Simply block ports 135 to 139 and 445 on your router or firewall and you'll prevent external SMB traffic from entering your system and potentially causing harm. While this bug seems relatively harmless, given the history of problems with the SMB since the test candidate phase, it seems a good idea to put these blocks in place if you don't need to use SMB traffic to external sources.
Even if you block the ports, there is still a remote chance that you could be affected, via viewing a webpage in Internet Explorer. States Mr. Gaffie, "There is an Internet Explorer-based attack vector. By including a file stored on a share in the HTML of the web page the flaw can be triggered. But, once again the result is a denial of service."
Using Firefox, Chrome, Opera, or other third-party browser may help negate this route of attack.
Microsoft is currently investigating the bug. It bills Windows 7 as its most secure operating system to date and has committed itself to fight tough in the war against malicious users.
"Game reviewers fought each other to write the most glowing coverage possible for the powerhouse Sony, MS systems. Reviewers flipped coins to see who would review the Nintendo Wii. The losers got stuck with the job." -- Andy Marken
Sophos Finds Windows 7 UAC Fails to Block 7 out of 10 Pieces of Malware
November 5, 2009, 2:03 PM
Microsoft Security Essentials Now Available
September 29, 2009, 11:50 AM
With Exploits on the Way, It's Critical Win 7 Testers Run Tool to Safeguard Their PCs
September 21, 2009, 9:51 PM
Windows 7's XP Mode Cripples Malware, Gives Attackers Headaches
September 14, 2009, 8:30 AM
Microsoft releases details of Project Scorpio console
April 7, 2017, 7:50 AM
More Security Issues for Yahoo
February 16, 2017, 7:45 AM
Android Instant Tethering Only Works for Pixel and Nexus Handsets
February 13, 2017, 7:30 AM
WhatsUp with WhatsApp?
August 29, 2016, 5:23 AM
Fuchsia – Google’s New Open Source Operating System
August 17, 2016, 6:30 AM
Windows 10: End of an Era & A New Beginning
August 1, 2016, 9:59 AM
Most Popular Articles
Surface Pro 5 Rumors - New Release Date and Price
April 22, 2017, 6:45 AM
SAPPHIRE PULSE Radeon RX 580 8GD5 – Great Value for the Money
April 20, 2017, 7:47 AM
Dell Inspiron 17 7000 – A Premium Laptop featuring 7th Gen Intel Core i7 in a 2-in-1 Frame.
April 19, 2017, 7:45 AM
Tesla will announce electric lorry in September
April 19, 2017, 6:20 AM
Meet the Smartphone with four cameras - Alcatel Flashphone
April 5, 2017, 11:20 AM
Latest Blog Posts
Samsung Galaxy S8 and S8 Plus – Lots of Glass that Breaks Easily
Apr 25, 2017, 7:20 AM
Samsung Galaxy S8 – Warning for Pet Owners
Apr 24, 2017, 5:59 AM
Sound Bars and the Costs?
Apr 23, 2017, 6:30 AM
Link your Brain to Your Computer – In Four Years…Maybe
Apr 22, 2017, 7:03 AM
Google Home can now identify users by their voice.
Apr 21, 2017, 7:15 AM
Amazon Lex – Now Available for Developers.
Apr 20, 2017, 6:58 AM
You can now use Instagram offline on your Android Smartphone
Apr 19, 2017, 8:00 AM
Now you can livestream to YouTube from your mobile device.
Apr 18, 2017, 8:05 AM
Google Home – Is It a Spy Device?
Apr 17, 2017, 7:30 AM
Apple added to self –driving test permit list
Apr 15, 2017, 6:21 AM
Project Scorpio – Coming on June 11
Apr 14, 2017, 6:20 AM
Looks Like Samsung Has Been Forgiven.
Apr 13, 2017, 6:50 AM
United Airlines - Blasted on China’s Social Network and the Stock Market
Apr 12, 2017, 6:50 AM
Amazon's Third-Party Sellers Hacked
Apr 11, 2017, 6:25 AM
Microsoft Surface Pro5 Details Revealed
Apr 9, 2017, 6:41 AM
Own An Android Phone? Then you could be hacked over Wi-FI
Apr 7, 2017, 6:47 AM
Apple confirms iOS 10.3 bug and its effect on iCloud Services
Apr 6, 2017, 6:30 AM
Apple Rolls Out New Version of Apple Music
Apr 5, 2017, 10:35 AM
Apple in the News
Apr 4, 2017, 9:03 AM
Apple iPhones Will Soon Feature Graphics Chips Designed BY Apple
Apr 3, 2017, 6:23 AM
AMD Ryzen Desktop Processors Performance
Apr 2, 2017, 6:30 AM
More Blog Posts
Copyright 2017 DailyTech LLC. -
Terms, Conditions & Privacy Information