Post-Vista Windows flaw creates Blue Screen risk

Miscreants have created an exploit capable of crashing Windows boxes and triggering the infamous Blue Screen of Death. The attack relies on exploiting an unpatched vulnerability in Microsoft's implementation of SMB2 (Server Message Block), a network protocol involved in the sharing of files and printers on a network. Windows …

COMMENTS

This topic is closed for new posts.
WTF?

server2008

If you use a server, it should be protected by a firewall anyway

Is there a reason...

...for anyone to bother BSODing a bunch of machines? I didn't think malware guys were in it for the thrill these days - and I'm not sure how a BSOD could generate money unless it was working along with something else..

@Anonymous Coward (15:02)

Correction:

<del>If you use a server,</del> it should be protected by a firewall anyway

Certainly port 445 should never be exposed to the internet - much like 137-139

Oh yeah..

WinNuke is back, baby!

No access

to any LAN resource via public facing interfaces without first authenticating the user at the firewall, fair enough. But from inside the LAN?

Microsoft software testing sucks so bad that the public become the beta testers.

When SMB 2.0 receives a "&" character in the "Process ID High" SMB header field it responds with a BSOD. To miss such a trivial exploit Microsoft QA is worse than I thought.

As far as I am aware this flaw was discovered by Laurent Gaffie.

PoD

Wow, like the 'Ping of Death' of old....

I guess that's what happens when you use bleeding edge technology like Vista.

"We recommend filtering access to port TCP 445 with a firewall."

Fat lot of use that'll be, once someone crafts a virus that goes around "pinging" port 445 on the inside of your firewall. Or does so using a trojanned system. And if 445 isn't open at all, how do you share files?

I almost hope that they do write such a virus... I'd love to see all the flag-wavers for Vista and Windows BSODded to a stand-still, while those of us who stuck with good (well OK) old XP get on with our work.

@David W.

DoS attacks? Disgruntled employees?

We know!

"Miscreants have created an exploit capable of crashing Windows boxes and triggering the infamous Blue Screen of Death."

Yeah, it's Microsoft and it's called a service pack!

@David W.

David - there are still plenty of people out there who would love to take down company systems just for kicks, simply because they feel they have been mistreated. A BSOD is a classic way to just piss off your employers.

Definitely a valid find.

BSOD now, Exploit Later

@David W.

The last time one of these was discovered on Windows XP, it later proved to be one of those highly exploitable wildfire virus enablers. Ideally, 445 should be firewalled, but basically you exploit it by infecting a machine by other means which then gets it past the hard and crunchy and into the soft sweet center where you have a trusted network just waiting to fall over and widdle on itself. It would be a really good test of Windows 7 to see how it reacts and if all the other stuff done in its construction stops the problem at merely being a BSOD. That actually would be proof that the OS is way more secure.

@AC 15:02

"If you use a server, it should be protected by a firewall anyway."

Still doesn't detract from the fact that Windows has yet again been proven to be a massive stinking turd in the swimming pool of OS's.

& Impressive

Can they make the BSOD pink? Pink slip for M$.

Anonymous Coward

@David W.

DoS is worth money too. Think extortion. If it can be done without installing malware or paying for a botnet, so much the better.

Anonymous Coward

SMB2?

So they've revamped SMB in order to block out Linux boxes?

In which case - hahahaha serves them right.

If not - as you were.

Anonymous Coward

SMB

SMB is still just as bad over TCP/IP as it was when it used NETBEUI. Why is anyone surprised at SMB flaws? Nobody would use SMB if it weren't for Microsoft...

Windows Firewall is enabled by default, so the exploit can't work from remote.

Windows Firewall is enabled by default, so the exploit can't work from remote.

I'm surprised

That anything even runs under Vista.

Anonymous Coward

Apple having fun again.

There hasn't been nearly enough BSOD lately and they have a new commercial coming up where Mac guy says Windows crashes all the time.

They couldn't get QuickTime or iTunes to BSOD enough Windows machines so Apple Windows virus team to the rescue!

Reg needs a tinfoil hat icon.

Windows Firewall protects you how?

On an internal trusted network? If this proves to be exploitable, it is a trinary weapon. You use it as the terminal payload after hitting any workstation by another means. Windows Firewalls only present a global hard surface, still soft and gooey once you're inside.

hu?

Wasn't Vista meant to be redesigned, and they broke existing software compatibility specifically to make it "more secure" - which raises the question, why is this possible? Surely the SMB server should be user-mode and therefore not capable of causing any kind of kernel fault? What the hell are they doing still embedding it in the kernel???

Re: Windows Firewall is.....

You mean the Windows Firewall that lets SMB traffic on port 445 through automatically?

Of course you could disable file sharing, it would close the port then. But then if you had file sharing disabled the exploit wouldn't work anyway and you wouldn't need a firewall to save you from it.

Where are the Windows fan boys now?

Doesn't matter if it's Linux, Windows or OSX, all operating systems have flaws. Software is written by humans and humans make mistakes.

Who needs an exploit?

In my experience Fallout 3 seems quite capable of inducing a BSOD, and now I discover I can go and get one for free.

Anonymous Coward

Yay! WinNuke Reloaded!

Thanks, Microsoft!

jai

<---- smug OS X user

nuff said
