All the latest UK technology news, reviews and analysis
|
|
|
18 Feb 2011
Microsoft has warned of a recently disclosed vulnerability in the CIFS/SMB component of Windows affecting all supported versions of the operating system.
The company said that it first received word of the vulnerability earlier this week when a proof-of-concept sample was disclosed.
The exploit can be remotely activated and could cause a system crash and the infamous 'blue screen' error message.
The vulnerability is being classified by Microsoft as a 'critical' risk, but is not believed to allow remote code execution.
Microsoft researcher Matt Oh said in a posting to the Microsoft Malware Protection Center blog that certain parts of the vulnerable component could consistently be targeted, but causing remote code execution would be extremely difficult.
"Our conclusion is that the part of the string that the attacker can control will always end up inside the allocated buffer, and the part the attacker can't control is in the part that overflows the buffer," he said.
"Also, it is not possible to control the length of data to overwrite, so that it's always the same (and predictable) huge integer value."
Administrators can disable the Browser protocol to mitigate the risk of an attack. Microsoft did not say when a permanent fix will be released. The next scheduled patch is on 8 March.
Latest stories from Security
Related videos
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Java Deveoper/Programmer/Software Engineer, Algo Trading...
Austin Fraser has the pleasure of appointing a number...
Austin Fraser has the pleasure of appointing a Java Developer...
Austin Fraser has the pleasure of appointing a Senior...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Of course it's critical!
Number one, we are talking about threats to MS servers (all versions) which are obviously numerous enough to pose widespread problems. Number two, while not believed to allow remote code exec, you are talking about causing remote bluescreens due to the vulnerability. I smell a DDoS worm brewing. Imagine a worm whose sole purpose is to scan for vulnerable machines, launch exploit when one is found, and then scan other machines. It could get real ugly real quick!
Posted by: A.J. Atkinson 08 Apr 2011