Slashdot Mirror

← Back to Stories (view on slashdot.org)

The First Windows 7 Zero-Day Exploit

Posted by kdawson on from the think-global-print-local dept.

xploraiswakco writes with the first Microsoft-confirmed Windows 7 zero-day vulnerability, with a demonstration exploit publicly available. The problem is in SMBv2 and SMBv1 and affects Windows 7 and Windows Server 2008 R2, but not Vista, XP, or Windows Server 2003. A maliciously crafted URI could hard-crash affected machines beyond any remedy besides pushing the white button. "Microsoft said it may patch the problem, but didn't spell out a timetable or commit to an out-of-cycle update before the next regularly-scheduled Patch Tuesday of December 8. Instead, the company suggested users block TCP ports 139 and 445 at the firewall." Reader xploraiswakco adds, "As important as this the mentioned article is, it should also be pointed out that any IT staff worth their pay packet should already have port 139 blocked at the firewall, and probably port 445, too."

21 of 289 comments (clear)

  1. OMG what if my computer doesnt have a white button by Anonymous Coward · · Score: 5, Funny

    What are my options? New computer?

  2. Not much of an exploit.. by Anonymous Coward · · Score: 3, Funny

    No remote code execution? Boring. Let's see if some people out there could weaponize it and throw it into a metasploit module. Then it's interesting.

  3. Well researched article, that... by EMN13 · · Score: 3, Funny

    From the article:
      "Instead, the company suggested users block TCP ports 139 and 445 at the firewall. Doing so, however, would disable browsers as well as a host of critical services, including network file-sharing and IT group policies."

    Good to know that blocking ports 139 and 445 will block browsers, we wouldn't want people actually doing that, after all!

  4. Terrifyingly potent by Sockatume · · Score: 5, Funny

    A maliciously crafted URI could hard-crash affected machines beyond any remedy

    Oh no! A PC-killer!

    besides pushing the white button

    A reboot? Well, it's an unorthodox and extreme solution to a machine crashing, we'll have a hard time convincing Windows users to do that.

    --
    No kidding!!! What do you say at this point?
  5. Re:pushing the white button?? what does that mean? by Hamsterdan · · Score: 2, Funny

    The only white button here is the buzzer on my front door. But I don't see how ringing the bell will solve that problem.

    --
    I've got better things to do tonight than die.
  6. Re:How is this zero-day? by Ed+Avis · · Score: 3, Funny

    'When I use a word,' Humpty Dumpty said, in rather a scornful tone, 'it means just what I choose it to mean -- neither more nor less.'

    --
    -- Ed Avis ed@membled.com
  7. My computer doesn't have a white button by Skapare · · Score: 2, Funny

    ... they're all black ... you insensitive clod.

    --
    now we need to go OSS in diesel cars
    1. Re:My computer doesn't have a white button by webmistressrachel · · Score: 3, Funny
      Yeah, great. I use a screwdriver to short pins on the array of motherboards hanging off the power supplies at the back of my bench. Just don't nudge the hard drives with the mouse whilst playing games, and watch out for that massive graphics card just wobbling there when you change the monitor lead!!

      I call it Computing with Thrills (TM) ;)

      --
      This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
  8. Re:OMG what if my computer doesnt have a white but by Vectronic · · Score: 3, Funny

    Simply use Wite-Out, or Liquid Cover-Up, doesn't matter what button, as long as it's white.

  9. Re:buttons by BrightSpark · · Score: 5, Funny

    Does it have Digital or DG written on it too? Happy days. From the time when a cluster was better than a cloud? When computers were "managed" by people who knew how they worked and who knew Netbios was for something only a friend would share (with another friend). If you wanted a file over a network you sent a request to the Operator for a kind lady to haul your disc pack to the big washing machine thingy and mount it for you. Promotion meant getting system privileges like clearing your own printer queue. Goodbye PDP-11. Mourn not for AOS-VS II. Farewell DG/UX. No more CLI. Welcome to the nouveau "geek" who needs to know why it's bad to have port 139 open but kicks ass in Gears 2. To quote Ripley from "Aliens", "Did IQs suddenly drop while I was gone?"

  10. Re:pushing the white button?? what does that mean? by Linker3000 · · Score: 5, Funny

    #3043-001 USB White Button Kit........34.99 + Shipping

    Ideal for computers not shipped by the manufacturer with a White Button pre-installed.

    A White Button is essential for all Windows Users. Upon a system failure, Denial of Service attack or crash, pressing the White Button releases a scientifically-formulated, airborne scent of soothing essential oil fragrances, including: Verbena, Sweet Orange, Roman Camomile and Ylang Ylag.

    At the same time, one of a number of pre-programmed actions are triggered while you listen to a random selection of 10 relaxing 'mood music' tracks.

    Basic actions include:

    1) Reboot
    2) Call my IT Support department
    3) Call the manufacturer's support department and cancel my evening dinner arrangements
    4) Reinstall current OS
    5) Reinstall current OS after backing up all user data
    6) Wipe and install CentOS
    7) Wipe and install Ubuntu
    8) Order me a Mac
    9) Order me a Big Mac, fries and a Coke

    Secondary actions can also be triggered from:

    A) Call Microsoft HQ every 'x' minutes and shout 'Fuck it' down the line.
    B) Post my CV to Linux-only job sites
    C) Rub my shoulders (Requires optional add-on #RS01)
    D) Dial local suicide help line

    A deluxe version of this item is available (#3043-002, 139.99 + Shipping). This model includes an external 10" LCD panel that can display random pages from a number of Web sites (slashdot.org, fark.com, silicon.com, cloudappreciationsociety.org and todaysbigfail.com)

    Extras and consumables:

    * #3043-S01 Replacement aromatherapy scent cartridge - pack of 12
    * #3043-S02 Replacement mustard gas scent cartridge sold singly, no returns
    * #3043-M01 Extended play music ROM - an extra 4 hours of music (for Dell Support customers)
    * #3043-P01 Enlarged White Button with face of Steve Ballmer on top. Comes complete with real wood mini hammer and elastic band-powered mini crossbox with safe-tip(TM) arrows (pack of 12 buttons)

    --
    AT&ROFLMAO
  11. "Pay packet?" by Shag · · Score: 3, Funny

    Mine turned out to be maliciously crafted.

    --
    Village idiot in some extremely smart villages.
  12. Re:Are you trolling? by sproot · · Score: 3, Funny
    On the subject of re-writing the language:

    loses it's [sic] meaning

    your [sic] plain wrong

    That last one might be ironic.
    xx

  13. Re:How is this zero-day? by ozmanjusri · · Score: 3, Funny
    Who cares? It's not like it's years old or anything. Chill out.

    Exactly.

    It's not as though Windows exploits are a scarce event. There'll be plenty more where that came from, so you can be semantically correct next time.

    --
    "I've got more toys than Teruhisa Kitahara."
  14. Re:Ball kicking time by nstlgc · · Score: 1, Funny

    But nobody actually uses ReactOS!

    --
    I'm Rocco. I'm the +5 Funny man.
  15. That's setting a dangerous precident. by CFD339 · · Score: 1, Funny

    The very idea of undoing your own powerful moderation use -- even if (especially if) you used it mistakenly is very un-slashdot of you. You're supposed to stay completely anonymous in your abusive mistake, and use those points to call all opinions you don't agree with either redundant or flamebait. Didn't you read the destructions the first time you got mod points?

    --
    The problem with quotes on the internet, is that nobody bothers to check their veracity. -- Abraham Lincoln
  16. Re:Ball kicking time by Anonymous Coward · · Score: 1, Funny

    ReactOS is based heavily on Wine, which is pretty damn awesome these days.

  17. Re:Are you trolling? by dontmakemethink · · Score: 2, Funny

    Actually, the grandparent poster is correct. Zero-day means just that. What you're talking about needs a different word.

    I believe the term "Windows exploit" in itself adequately covers that it was quickly and easily discovered and abused.

    Bonus points for stating that anyone who thinks differently from you must be stupid.

    Damn Mac users eh?

    --

    War as we knew it was obsolete
    Nothing could beat complete denial
    - Emily Haines
  18. Re:Yes, any admin... by kbielefe · · Score: 3, Funny

    ...but what about home users?

    What, you don't have an IT staff at home?

    --
    This space intentionally left blank.
  19. Re:Are you trolling? by nschubach · · Score: 4, Funny

    I tried blaming my keyboard once. It just stared back at me knowing that it had done nothing wrong and I couldn't prove otherwise. The little bastard had me in a corner and the other people in the office were staring at me.

    --
    Every time I start to have faith in humanity, I ruin it by driving to work between 7 and 8 am.
  20. Re:How is this zero-day? by nschubach · · Score: 2, Funny

    So, we'll see you next Tuesday? ;)

    --
    Every time I start to have faith in humanity, I ruin it by driving to work between 7 and 8 am.