
Problems with SMB have persisted since Windows 7's RC phase

Windows 7 is arguably much more secure than its predecessor, Windows Vista, with more robust memory protections against attacks and with the wide availability of Microsoft's free antivirus suite, Microsoft Security Essentials.  Many possibly exploitable vulnerabilities were found and removed during the unprecedented public testing phase as well.

However, challenges remain for Windows 7.  A recent report found that the OS's UAC was less robust than Vista's and allowed 7 of 10 pieces of malware to be freely installed.  Now, following Microsoft's monthly Patch Tuesday, a familiar problem has returned.

The Windows SMB (Server Message Block) protocol has had problems ever since the discovery during the OS's public testing phase of a supposedly show-stopping bug that could, according to some sources, cause Windows 7 to blue screen.  Now another SMB bug, which throws Windows 7 into an infinite loop forcing a reset, has reared its ugly head.

The bug was publicized by researcher Laurent Gaffie on the Full Disclosure mailing list.  According to Tyler Reguly, Lead Security Research Engineer of security firm nCircle, the vast majority of home users are unlikely to be threatened by the bug.  The bug's main route of attack occurs when you type in the IP of a server in the search box and accidentally navigate to a Windows Share on a malicious server.  As most casual users are unlikely to have a clue how to navigate to server shares or even know what server shares are, chances are they won't be affected.

The vulnerability applies to both Windows 7 and Windows Server 2008 R2.  Currently there are no reports of attacks in the wild, but proof-of-concept attacks have been aired.  One key thing that makes this bug unlikely to be largely used by hackers is that it is unable to grant any sort of system access and can, in essence, only be used to create annoyance -- forcing the user to reset their machine.

It is also extremely easy to block external SMB traffic to rule out the chance of it swamping your machine.  Simply block ports 135 to 139 and 445 on your router or firewall and you'll prevent external SMB traffic from entering your system and potentially causing harm.  While this bug seems relatively harmless, given the history of problems with SMB since the test candidate phase, it seems a good idea to put these blocks in place if you don't need to send SMB traffic to external sources.

Even if you block the ports, there is still a remote chance that you could be affected, via viewing a webpage in Internet Explorer.  States Mr. Gaffie, "There is an Internet Explorer-based attack vector. By including a file stored on a share in the HTML of the web page the flaw can be triggered. But, once again the result is a denial of service."

Using Firefox, Chrome, Opera, or another third-party browser may help negate this route of attack.
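
The Internet Explorer vector Mr. Gaffie describes depends on page markup that references a file stored on a share. As an added example (not from the article or the researcher), the following Python code flags such references in saved or proxied HTML; the attribute list, the URL forms treated as share references, and the sample page are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# Assumption: attributes through which markup can reference an external file.
URL_ATTRS = {"src", "href", "background", "data", "poster"}
LOCAL_HOSTS = {"", "localhost", "127.0.0.1"}

def smb_host(value):
    """Return the remote host if value names a file on a share, else None."""
    v = value.strip()
    if v.startswith("\\\\"):                    # UNC path: \\host\share\file
        rest = v[2:]
    elif v.lower().startswith("file:"):         # file://host/... or file:////host/...
        rest = v[5:].replace("\\", "/")
        slashes = len(rest) - len(rest.lstrip("/"))
        if slashes == 3 or slashes < 2:         # file:///C:/... is a local path
            return None
        rest = rest.lstrip("/")
    else:                                       # http(s), relative, //cdn... URLs
        return None
    host = rest.replace("\\", "/").split("/", 1)[0].lower()
    return None if host in LOCAL_HOSTS else host

class ShareRefFinder(HTMLParser):
    """Collects (line, tag, attribute, host) for every share reference."""
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            host = smb_host(value) if name in URL_ATTRS and value else None
            if host:
                self.hits.append((self.getpos()[0], tag, name, host))

def find_share_refs(html):
    finder = ShareRefFinder()
    finder.feed(html)
    finder.close()
    return finder.hits

# Constructed sample page; hosts use documentation/example address space.
SAMPLE_PAGE = r"""<html><body>
<img src="/images/logo.png">
<script src="//cdn.example.com/lib.js"></script>
<img src="\\203.0.113.5\share\pixel.gif">
<a href="file:///C:/Users/me/notes.txt">local notes</a>
<iframe src="file://files.example.net/public/readme.htm"></iframe>
</body></html>"""

if __name__ == "__main__":
    for line, tag, attr, host in find_share_refs(SAMPLE_PAGE):
        print(f"line {line}: <{tag} {attr}> references share host {host}")
```

Hits on hosts outside your own network are the ones worth reviewing, since the port blocks above do not cover a page that pulls the file in through the browser.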

Microsoft is currently investigating the bug.  It bills Windows 7 as its most secure operating system to date and has committed itself to fighting hard against malicious users.

Comments

Who Cares?
By Ristogod on 11/13/2009 9:32:05 AM , Rating: 5
How is "Found New Exploit In Windows" news anymore? This has been reoccurring for 10+ years or more.

Tomorrow's topic, "Sun Rises Yet again!"

RE: Who Cares?
By weskurtz0081 on 11/13/2009 9:35:59 AM , Rating: 5
Yeah, no kidding. As long as you have market share, and someone interested in exploiting it, it doesn't matter what brand name is on the box, exploits will be discovered.

RE: Who Cares?
By chick0n on 11/13/2009 9:38:04 AM , Rating: 5
Just like a Mac. Nothing new.

IT JUST WORKS! Oh wait, bug? No way, that's the way it is, and good luck getting a patch from Apple!

RE: Who Cares?
By harmaton on 11/13/09, Rating: -1
RE: Who Cares?
By weskurtz0081 on 11/13/2009 10:22:57 AM , Rating: 5
Damn, hit a nerve?

RE: Who Cares?
By kamel5547 on 11/13/2009 10:50:08 AM , Rating: 5
His point was valid. He didn't have to use Apple as the example, virtually every piece of software out there is poorly coded, mostly because no one wants to scrap all their code and build a secure design from the ground up. If DailyTech reported every new flaw found in pieces of software you'd have a very hard time finding an actual news story.

You on the other hand are way out of line (IMO), ending your comment where the comma was would have served you well.

RE: Who Cares?
By Murloc on 11/13/2009 12:16:57 PM , Rating: 5
The discussion had to move to Macs, otherwise flames would not be hot enough.

RE: Who Cares?
By KCjoker on 11/13/2009 7:33:52 PM , Rating: 2
Yea nobody ever brings up MS in articles about Apple.


RE: Who Cares?
By barjebus on 11/13/2009 10:47:08 AM , Rating: 3
I don't think the fact that X piece of software has new vulnerability Y is news. It's software... I'd go so far as to suggest it's inevitable that bugs will be found.

What matters is the severity and the exploit itself. Finding a zero-day exploit in Windows isn't news, it was inevitable. The details of the exploit, though, most definitely are news (I'm happier knowing that this exists rather than remaining ignorant).

Unless you prefer blissful ignorance, I like these news stories.

RE: Who Cares?
By William Gaatjes on 11/15/2009 4:40:15 AM , Rating: 2
"I'd go so far as to suggest it's inevitable that bugs will be found."

I am happy not everybody thinks like that. Or humanity will fail. For "look at me" items that have to be manufactured as cheap as possible it is inevitable that software flaws arise. Cost cutting decisions to create profit have that effect. However, when it needs to work, it will just work. Proper coding delivers proper material. And the first thing new programmers should learn is that when there is communication, there is a parser checking the format of the used communication protocol. Making sure there are boundaries that cannot be crossed.

RE: Who Cares?
By segerstein on 11/13/2009 1:31:02 PM , Rating: 2
"Tomorrow's topic, 'Sun Rises Yet again!'"

You mean Sun Micro?

RE: Who Cares?
By Reclaimer77 on 11/13/2009 3:00:41 PM , Rating: 2
"A recent report found that the OS's UAC was less robust than Vista's and allowed 7 of 10 pieces of malware to be freely installed."

What is Mick's problem with Windows 7?? Every day is an article trying to slam the OS with false information and shoddy testing.

First off, please tell me how 7's UAC is "less robust" than Vista's?? The only, and I mean ONLY, difference in 7's UAC is that by default it's set one notch lower because of customer complaints. This can easily be changed.

Secondly, the entire premise of the above quote is flawed. Because in the test they KNOWINGLY opened malware. The UAC cannot, and is not meant to, prevent you from knowingly opening viruses.

Mick goddamnit, will you please stop with this bullcrap? Not only is it not accurate, but it's not even NEWS. How can you sleep at night writing this bullshit?

RE: Who Cares?
By xaders on 11/13/2009 6:28:47 PM , Rating: 1
Well, just have some kind of security software on with Windows 7. I'll buy Windows 7 for all the PCs in my household, which are all running Windows XP now. I'll prefer Windows 7 Pro to the Home Premium one.

Now, I only have one laptop with Windows 7 RC on it. I also bought the Windows 7 student version. It sucks because the direct download doesn't allow you to create a separate disc. You have to pay for it. It is an upgrade. The upgrade terms suck. Microsoft needs another way to upgrade. Vista was like ME was, and Windows 7 is what Vista is supposed to be, or some people called it Vista SP3.

RE: Who Cares?
By Reclaimer77 on 11/13/2009 7:43:24 PM , Rating: 2
Actually you can create an ISO from the student download. I did.
