First Windows 7 Zero-Day Exploit Airs, But Danger Isn't Great For Most
November 13, 2009 9:15 AM
comment(s) - last by
Problems with SMB have persisted since Windows 7's RC phase
Windows 7 is arguably much more secure than its predecessor, Windows Vista, with
more robust memory protections
against attacks and with the wide availability of Microsoft's free antivirus suite,
Microsoft Security Essentials
. Many possibly exploitable vulnerabilities were found and removed during the unprecedented public testing phase as well.
However, challenges remain for Windows 7. A recent report found that the OS's UAC was less robust than Vista's and allowed
7 of 10 pieces of malware
to be freely installed. Now, following Microsoft's monthly Patch Tuesday a familiar problem has returned.
The Windows SMB (Server Message Block) protocol has had problems ever since the discovery during the OS's public testing phase of a
supposedly show-stopping bug
that could, according to some sources, cause Windows 7 to blue screen. Now another SMB bug, which throws Windows 7 into an infinite loop forcing a reset, has reared its ugly head.
The bug was publicized by researcher Laurent Gaffie on the
Full Disclosure mailing list
Tyler Reguly, Lead Security Research Engineer of security firm nCircle, the vast majority of home users are unlikely to be threatened by the bug. The bug's main route of attack occurs when you type in the IP of a server in the search box and accidentally navigate to a Windows Share on a malicious server. As most casual users are unlikely to have a clue how to navigate to server shares or even know what server shares are, chances are they won't be affected.
The vulnerability applies to both Windows 7 and Windows Server 2008 R2. Currently there are no reports of attacks in the wild, but proof-of-concept attacks have been aired. One key thing that makes this bug unlikely to be largely used by hackers is that it is unable to grant any sort of system access and can, in essence, only be used to create annoyance -- forcing the user to reset their machine.
It is also extremely easy to block external SMB traffic to rule out the chance of it swamping your machine. Simply block ports 135 to 139 and 445 on your router or firewall and you'll prevent external SMB traffic from entering your system and potentially causing harm. While this bug seems relatively harmless, given the history of problems with the SMB since the test candidate phase, it seems a good idea to put these blocks in place if you don't need to use SMB traffic to external sources.
Even if you block the ports, there is still a remote chance that you could be affected, via viewing a webpage in Internet Explorer. States Mr. Gaffie, "There is an Internet Explorer-based attack vector. By including a file stored on a share in the HTML of the web page the flaw can be triggered. But, once again the result is a denial of service."
Using Firefox, Chrome, Opera, or other third-party browser may help negate this route of attack.
Microsoft is currently investigating the bug. It bills Windows 7 as its most secure operating system to date and has committed itself to fight tough in the war against malicious users.
This article is over a month old, voting and posting comments is disabled
This will always happen..
11/13/2009 10:37:10 AM
Everyone OS that has ever been released and ever will be released is subject to exploits. Unless Microsoft or Apple or whoever it may be decides to hire every person in the WORLD that knows anything about computers, then these exploits will continue to be found.
The most important issue here is that the exploits are getting patched as soon as possible. The second most important issue is that these exploits are discovered infrequently relative to the amount of functionality and coding an operating system has. The more functionality an operating system has, obviously the amount of exploits possible will increase.
I don't think Microsoft or Apple is doing a bad job at fixing their mistakes, though... and compared to what these latest and greatest operating systems can do, I'd say they're both covering their bases quite well.
RE: This will always happen..
11/13/2009 10:37:47 AM
"This week I got an iPhone. This weekend I got four chargers so I can keep it charged everywhere I go and a land line so I can actually make phone calls." -- Facebook CEO Mark Zuckerberg
Sophos Finds Windows 7 UAC Fails to Block 7 out of 10 Pieces of Malware
November 5, 2009, 2:03 PM
Microsoft Security Essentials Now Available
September 29, 2009, 11:50 AM
With Exploits on the Way, It's Critical Win 7 Testers Run Tool to Safeguard Their PCs
September 21, 2009, 9:51 PM
Windows 7's XP Mode Cripples Malware, Gives Attackers Headaches
September 14, 2009, 8:30 AM
Office 2016 Preview Comes to Mac w/ Retina Support
March 6, 2015, 3:32 PM
Microsoft May Announce Windows 10 Release Candidate at Ignite
March 6, 2015, 9:25 AM
Windows 10 Testers: Beware Experimental NVIDIA Drivers Tied to DX12 Update
March 3, 2015, 11:13 AM
Windows 10 Adds USB 3.1 for Dual-Role Peripherals, External Display Support
February 27, 2015, 11:39 AM
Quick Note: Apple Opens Up iOS 8.3 Beta 2 to Developers
February 25, 2015, 6:00 PM
StarDock Unveils Start10 Start Menu Replacement for Windows 10
February 25, 2015, 11:24 AM
Most Popular Articles
WSJ Report Implies That Google Leveraged Lobbying to Kill Antitrust Abuse Probe
March 25, 2015, 5:37 PM
HTC One M9 Launches Tomorrow Overseas
March 20, 2015, 2:33 PM
Samsung, Dell, Pegatron to Preinstall Microsoft Office 365 on Android Devices
March 23, 2015, 4:02 PM
Half a Billion Dollars of U.S. Weaponry May be Lost to al-Qaeda, Rebels in Yemen
March 23, 2015, 2:12 PM
Windows 10 Build 10041 Rolls Out: What's New in Pictures Pt. 1
March 19, 2015, 2:45 PM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information