Remote exploit released for Windows Vista SMB2 worm hole
section: windows, for your questions: KezNews forum, 18.9.2009
Tip: Click here to update all your PC's outdated driversSecurity researchers at penetration testing firm Immunity have created a reliable remote exploit capable of spawning a worm through an unpatched security hole in Microsoft’s dominant Windows operating system.
A team of exploit writers led by Kostya Kortchinsky attacked the known SMB v2 vulnerability and created a remote exploit that’s been fitted into Immunity’s Canvas pen-testing platform. The exploit hits all versions of Windows Vista and Windows Server 2008 SP2, according to Immunity’s Dave Aitel.
Immunity’s Canvas is used by IDS (intrusion detection companies) and larger penetrating testing firms as a risk management tool.
Exploit writers at the freely available Metasploit Project are also close to finishing a reliable exploit for the vulnerability, according to Metasploit’s HD Moore.
The vulnerability, which was originally released as a denial-of-service issue, does not affect the RTM version of Windows 7, Microsoft said. It appears Microsoft fixed the flaw in Windows 7 build ~7130, just after RC1. Windows Vista and Windows Server 2008 users remain at risk.
In the absence of patch, Microsoft recommends that users disable SMB v2 and block TCP ports 139 and 445 at the firewall.
source:
blogs.zdnet.com
>> Click Here to Run a Free Scan for PC Errors <<
Send link 2 friend | Permalink
MORE RELATED ARTICLES:
Flaw in Windows 7 and Vista could allow remote reboot || Connect Windows 7 with XP SP3 Vista SP2 via Remote Desktop Connection 7.0 || Download Windows 7 Remote Desktop Connection 7.0 for XP SP3 and Vista SP1 and SP2 || Microsoft confirms detailed Windows 7 exploit || How to Enable Concurrent Sessions for Remote Desktop in Windows 7 RTM
Comments(0)
No new comments are allowed for this article.
For your questions use our KezNews Forum
Windows 7 RTM 7600.16385.090713-1255 HERE !