
September 17th, 2009

Remote exploit released for Windows Vista SMB2 worm hole

Posted by Ryan Naraine @ 10:34 am


Tags: Vulnerability, Microsoft Windows Vista, Microsoft Corp., Exploit, Microsoft Windows, Microsoft Windows 7, Microsoft Windows Server 2008, Smb/Sme, Operating Systems, Security

Security researchers at penetration testing firm Immunity have created a reliable remote exploit capable of spawning a worm through an unpatched security hole in Microsoft’s dominant Windows operating system.

A team of exploit writers led by Kostya Kortchinsky attacked the known SMB v2 vulnerability and created a remote exploit that’s been fitted into Immunity’s Canvas pen-testing platform. The exploit hits all versions of Windows Vista and Windows Server 2008 SP2, according to Immunity’s Dave Aitel.

[ SEE: Microsoft confirms SMB2 vulnerability, warns of code execution risk ]

Immunity’s Canvas is used by intrusion detection system (IDS) companies and larger penetration testing firms as a risk management tool.

Exploit writers at the freely available Metasploit Project are also close to finishing a reliable exploit for the vulnerability, according to Metasploit’s HD Moore.

The vulnerability, which was originally released as a denial-of-service issue, does not affect the RTM version of Windows 7, Microsoft said. It appears Microsoft fixed the flaw in Windows 7 build ~7130, just after RC1.  Windows Vista and Windows Server 2008 users remain at risk.

In the absence of a patch, Microsoft recommends that users disable SMB v2 and block TCP ports 139 and 445 at the firewall.

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.


