Results 1 to 6 of 6

Thread: Windows Attack Now Public - Pressure mounts on Microsoft

Registry Booster

  1. 09-29-2009, 06:38 PM #1
    HappyAndyK's Avatar
    HappyAndyK
    HappyAndyK is offline Site Administrator
    Join Date
    Jun 2008
    Posts
    5,391

    Exclamation Windows Attack Now Public - Pressure mounts on Microsoft

    Hackers have publicly released new attack code that exploits a critical bug in the Windows operating system, putting pressure on Microsoft to fix the flaw before it leads to a worm outbreak.

    The vulnerability has been known since Sept. 7, but until today the publicly available programs that leverage it to attack PCs haven't been able to do more than crash the operating system. A new attack, developed by Harmony Security Senior Researcher Stephen Fewer, lets the attacker run unauthorized software on the computer, in theory making it a much more serious problem. Fewer's code was added to the open-source Metasploit penetration testing kit on Monday.

    Unlike Conficker, however, this attack would not affect Windows XP, Windows Server 2003, or Windows 2000 systems.

    That's because the underlying flaw that all of these programs exploit lies in the SMB (server message block) version 2 system, introduced in Vista. Microsoft has confirmed that Immunity's attack works on 32-bit versions of Vista and Windows Server 2008, but did not have any immediate comment on the Metasploit code.

    The flaw has been patched in Windows 7, Kortchinsky said. On Sept. 18, Microsoft released a Fix It tool that disables SMB 2, and the company said that it is working on a fix for the software.

    by : Yahoo! Tech
    The Windows Club | WinVistaClub | The Geeks Club
    Reply With Quote Reply With Quote
  3. 09-29-2009, 06:49 PM #2
    rkonit's Avatar
    rkonit
    rkonit is offline Gold Member
    Join Date
    Jul 2008
    Location
    Pilani, India
    Posts
    1,413

    Default

    The flaw has been patched in Windows 7, Kortchinsky said.
    Thanks Microsoft ! I'm using Windows 7.
    Reply With Quote Reply With Quote
  4. 09-29-2009, 08:56 PM #3
    nitinagarwal1988's Avatar
    nitinagarwal1988
    nitinagarwal1988 is offline Microsoft MVP
    Join Date
    Jan 2009
    Location
    Pilani, India
    Posts
    1,578

    Default

    I'M too using Windows 7....Safe & Secure
    Reply With Quote Reply With Quote
  5. 09-30-2009, 03:44 AM #4
    leofelix
    leofelix is offline Member
    Join Date
    Oct 2008
    Location
    Italy
    Posts
    1,675

    Default

    here is the exploit working

    https://www.immunityinc.com/documentation/smbv2.html
    Reply With Quote Reply With Quote
  6. 09-30-2009, 12:52 PM #5
    HappyAndyK's Avatar
    HappyAndyK
    HappyAndyK is offline Site Administrator
    Join Date
    Jun 2008
    Posts
    5,391

    Default

    Thanks for the link leo!
    The Windows Club | WinVistaClub | The Geeks Club
    Reply With Quote Reply With Quote
  7. 09-30-2009, 01:13 PM #6
    James's Avatar
    James
    James is offline Microsoft MVP
    Join Date
    Aug 2008
    Location
    New Brunswick, Canada
    Posts
    739

    Default

    The most important facts for the Windows Vista home user (from the MS Security Research site):

    Consumers (not part of an enterprise network) are protected by the on-by-default firewall included in Windows Vista:
    • The on-by-default Windows firewall protects vulnerable systems
    • The on-by-default Windows firewall allows packets through only if a user explicitly shares a folder or printer.
    • When a Windows Vista user chooses the ‘Public’ firewall setting, the firewall will block packets even if a folder or printer has been shared.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules