also @ TechSpot: iTunes 11.0.3 delivers revamped MiniPlayer, security fixes

Zero-day Windows Vista, 7 vulnerability discovered

By

On September 8, 2009, 2:06 PM

Update: CNET has reported that Microsoft said the flaw does not affect the final version of Windows 7.

Microsoft is looking into a zero-day vulnerability today, which reportedly affects systems running Windows Vista and 7. Researcher Laurent Gaffie said that a hacker could exploit the flaw on Windows 7 to cause a critical system error. The flaw lies in a Server Message Block 2 (SMB2) driver.

Gaffie said in a blog post yesterday, "SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality." People who have commented on his blog post are reporting that the exploit can not only lead to denial of service, but also remote code execution.

Gaffie has contacted Microsoft, and it has since responded by saying that it is investigating the issue but that it is "unaware of any attacks trying to use the claimed vulnerability or of customer impact." The H has successfully tested the proof-of-concept code, which caused a reboot on Vista -- but did not work on Windows 7.

No tags on this story

5 comments

User Comments: 5

Got something to say? Post a comment
  1. September 8, 2009 2:23 PM
    tengeta
    tengeta said:

    If they spent all their time figuring this out on the RC, that was NT Kernel 6.1 (just above Vista) and the release won't be involved as it will be 7.0 (they say there won't be any changes, but come on.)

    Then again, could just be another non-Linux OS thats destroyable out of the box. Not like OSX is any safer by any stretch of the imagination.

    Reply
  2. September 8, 2009 5:22 PM
    yukka, TechSpot Paladin, said:

    stuff this "no one is currently using this" line - fix plx ms.

    Reply
  3. September 8, 2009 9:21 PM
    NunjaBusiness said:

    "has successfully tested the proof-of-concept code, which caused a reboot on Vista -- but did not work on Windows 7."

    I guess my idea of "success" is different from theirs.

    Reply
  4. September 9, 2009 7:08 AM
    isamuelson
    isamuelson said:

    Isn't the headline misleading? It appears to be stating that Windows 7 is vulnerable to this exploit when in fact, it's not.

    http://news.cnet.com/8301-13860_3-10347289-56.html?tag=newsE
    itorsPicksArea.0

    Reply
  5. September 9, 2009 12:22 PM
    Staff
    Matthew
    Matthew, TechSpot Staff, said:

    According to the linked report, it does not affect the "final version of Windows 7" -- if I am understanding that correctly, then I assume it still affects the RC and any other pre-release build.

    Also as a side note, CNET's article was published many hours after ours (with new details that presumably weren't available when the TechSpot post went live). I will update the TechSpot post with CNET's report, but the title will remain intact. Thanks.

    Reply

Recently commented stories

Post a new comment

Social Login & Guest Posting TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.
TechSpot on:

Most Popular

Trending Featured
More Trending Topics

Featured on Routers

Downloads and Drivers

Downloads   Drivers  

J. River Media Center 18.0.187

ComicRack 0.9.169

Ashampoo UnInstaller 5.03

Files Terminator Free 2.5.0.11

Advanced Host Monitor 9.50

More Downloads

Latest Discussion

Catalyst Control Center Error 8 replies on Device Drivers

Laptop overheats after coming out of sleep 6 replies on Mobile Computing

Which is the best smartphone to buy? 9 replies on Mobile Computing

No monitor signal 64 replies on Audio and Video

External hard drive not showing up on my MacBook Pro 28 replies on Storage and Networking

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.