An exploit is making the rounds that affects Windows Vista and 7 which have SMB (i.e., SAMBA or file sharing) enabled. The researcher, after a small change in the SMB Header has managed to crash the SRV2.SYS DLL which fails to handle malformed SMB headers.
“\x00\x26″# Process ID High: –> 🙂 normal value should be “\x00\x00”
As of now: Funny enough disable file sharing if and when not needed, or implement a rule to block SMB ports.
 – Full Disclosure: Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D. – http://seclists.org/fulldisclosure/2009/Sep/0039.html