Blue Screen your shinny Windows Vista/7 box

An exploit is making the rounds that affects Windows Vista and 7 which have SMB (i.e., SAMBA or file sharing) enabled. The researcher, after a small change in the SMB Header has managed to crash the SRV2.SYS DLL which fails to handle malformed SMB headers[1].

“\x00\x26″# Process ID High: –> 🙂 normal value should be “\x00\x00”

Solution:
As of now: Funny enough disable file sharing if and when not needed, or implement a rule to block SMB ports.

Links Used:
[1] – Full Disclosure: Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D. – http://seclists.org/fulldisclosure/2009/Sep/0039.html

This entry was posted in Uncategorized. Bookmark the permalink.

2 Responses to Blue Screen your shinny Windows Vista/7 box

  1. hameemasia says:

    Can anyone recommend the top performing Managed Service utility for a small IT service company like mine? Does anyone use Kaseya.com or GFI.com? How do they compare to these guys I found recently: N-able N-central help desk software
    ? What is your best take in cost vs performance among those three? I need a good advice please… Thanks in advance!

  2. Vpn says:

    I will be sure to bookmark it and come back to learn extra of your useful info. Thank you for the post. I will certainly return.

Leave a Reply

Your email address will not be published. Required fields are marked *