Updated: Flaw in Windows 7 RC and Vista allows remote reboot

Security experts warned Tuesday that a vulnerability in Microsoft's implementation of the SMB2 protocol can be exploited via the net to crash or reboot Windows Vista and Windows 7 systems.

An exploit written in Python is already available and being tested by security experts. Initial tests by heise security indicate the exploit enabled a remote reboot of a Vista system. However, in the test, the exploit had no apparent effect on a computer running Windows 7 RTM.

Microsoft has yet to acknowledge the issue and release an official update. The only current workaround is to close the SMB ports by un-ticking the boxes for file and printer access in the firewall settings.

Update: Microsoft has confirmed that Windows 7 RC is affected by the flaw but Windows 7 RTM is not.

Report a problem with article
Next Article

DSGi employees caught insulting customers on Facebook

Previous Article

Brad's PAX 2009

84 Comments - Add comment