Laurent Gaffié has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service).
Exploit & Code
The vulnerability is caused due to an error when processing SMB packets received from an SMB server. This can be exploited to hang an affected system by tricking a user into connecting to a malicious SMB server via e.g. a specially crafted web site opened in Internet Explorer.
The vulnerability is confirmed on a fully patched Microsoft Windows 7 and reported in Microsoft Windows Server 2008 R2.
Block outbound connections to untrusted SMB servers via a firewall.
Provided and/or discovered by:
No CVE references.