2009-11-13 17:29:48

Abstract

Laurent GaffiƩ has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service).

Exploit & Code

The vulnerability is caused due to an error when processing SMB packets received from an SMB server. This can be exploited to hang an affected system by tricking a user into connecting to a malicious SMB server via e.g. a specially crafted web site opened in Internet Explorer.

The vulnerability is confirmed on a fully patched Microsoft Windows 7 and reported in Microsoft Windows Server 2008 R2.

Solution:
Block outbound connections to untrusted SMB servers via a firewall.

Provided and/or discovered by:
Laurent GaffiƩ

Original Advisory:
http://g-laurent.blogspot.com/2009/11/windows-7-server-2008r2-remote-kernel.html

No CVE references.

References

Keywords

Windows7
DoS
Windows
Server2008
SMB