Windows Vista/7: Remote BSoD

Laurent Gaffie has published a vulnerability finding[1] regarding the new Server Message Block (SMB) protocol that comes with Windows Vista/7. The vulnerability is described as follows:

SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality. The NEGOTIATE PROTOCOL REQUEST is the first SMB query a client sends to a SMB server, and it’s used to identify the SMB dialect that will be used for further communication.

An exploit written in Python is provided that forces this condition to occur.

Microsoft has released a security advisory[2] regarding this vulnerability. The advisory provides a workaround and states that a security update is being developed but has not yet been released.

Affected Software
Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2

[1]: http://g-laurent.blogspot.com/2009/09/windows-vista7-smb20-negotiate-protocol.html
[2]: http://www.microsoft.com/technet/security/advisory/975497.mspx


Device Benchmark Documentation

The Center for Internet Security is a non-profit that helps organizations around the world effectively manage the risks related to information security.  CIS provides methods and tools to improve, measure, monitor, and compare the security status of Internet-connected systems and appliances.

They have provided some excellent benchmarking guidelines for minimum security standards for many common devices (including the iPhone). The best part is that it's all provided free of charge. You are required to provide your name and business, but are not required to create an account.

Center for Internet Security: www.cisecurity.org
Benchmarking Documentation: www.cisecurity.org/bench.html

To help organizations around the world effectively manage the risks related to information security. CIS provides methods and tools to improve, measure, monitor, and compare the security status of your Internet-connected systems and appliances, plus those of your business partners.