Stories
Slash Boxes
Comments

SoylentNews is people

SMB Zero-Day Affects Windows 8, 10 and Server Editions

posted by Fnord666 on Saturday February 04 2017, @02:09AM   Printer-friendly
from the samba,-not-simba dept.

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

The United States Computer Emergency Readiness Team (US-CERT) published a vulnerability note yesterday about a new zero-day vulnerability affecting Microsoft Windows 8, 10 and Server editions. It reads:

Microsoft Windows contains a memory corruption bug in the handling of SMB traffic, which may allow a remote, unauthenticated attacker to cause a denial of service or potentially execute arbitrary code on a vulnerable system.

Attackers may cause a denial of service attack against affected versions of Windows by causing Windows devices to connect to a malicious SMB share. US-CERT notes that the possibility exists that the vulnerability may be exploited to execute arbitrary code with Windows kernel privileges.

Attacked systems may throw a blue-screen on successful attacks.

[...] US-CERT confirmed the vulnerability on fully-patched Windows 8.1 and Windows 10 client systems. Bleeping Computer notes that security researcher PythonResponder claimed that it affects Windows Server 2012 and 2016 as well. While there is no official confirmation of that yet, it seems likely that the Server products are also affected by the vulnerability.

[...] Microsoft has not released a security advisory yet, but it is probably only a matter of time before the company publishes a security advisory to inform customers about the vulnerability and mitigation options. US-CERT recommends to block outbound SMB connections on TCP port 139 and 445, and UDP ports 137 and 138 from the local network to the WAN. to protect Windows devices.

Source: http://www.ghacks.net/2017/02/03/smb-zero-day-affecting-windows-8-10-and-server/

Original Submission

 
This discussion has been archived. No new comments can be posted.
SMB Zero-Day Affects Windows 8, 10 and Server Editions | Log In/Create an Account | Top | 13 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2, Funny) by aristarchus on Saturday February 04 2017, @02:49AM

    by aristarchus (2645) on Saturday February 04 2017, @02:49AM (#462712) Journal

    Your shields will do you very little good, if they are Microsoft shields!! I recommend a Linux Cloaking Operating system. Otherwise the only thing you could do is to rotate the phase polarity of the takyon particles from the deflector array to route power to the shields, but that will still not be enough if you have Microsoft Shields (Also know as Windows? Windows are not shields! What are you thinking!!)

    Starting Score:    1  point
    Moderation   0  
       Redundant=1, Funny=1, Total=2
    Extra 'Funny' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 3, Touché) by takyon on Saturday February 04 2017, @02:58AM

    by takyon (881) <takyonNO@SPAMsoylentnews.org> on Saturday February 04 2017, @02:58AM (#462715) Journal

    Pew Pew Pew! [betanews.com]

    The strategy was ineffective!

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]