Slashdot Mirror

← Back to Stories (view on slashdot.org)

The First Windows 7 Zero-Day Exploit

Posted by kdawson on from the think-global-print-local dept.

xploraiswakco writes with the first Microsoft-confirmed Windows 7 zero-day vulnerability, with a demonstration exploit publicly available. The problem is in SMBv2 and SMBv1 and affects Windows 7 and Windows Server 2008 R2, but not Vista, XP, or Windows Server 2003. A maliciously crafted URI could hard-crash affected machines beyond any remedy besides pushing the white button. "Microsoft said it may patch the problem, but didn't spell out a timetable or commit to an out-of-cycle update before the next regularly-scheduled Patch Tuesday of December 8. Instead, the company suggested users block TCP ports 139 and 445 at the firewall." Reader xploraiswakco adds, "As important as this the mentioned article is, it should also be pointed out that any IT staff worth their pay packet should already have port 139 blocked at the firewall, and probably port 445, too."

4 of 289 comments (clear)

  1. How is this zero-day? by DNS-and-BIND · · Score: 5, Insightful
    The zero-day vulnerability was first reported by Canadian researcher Laurent Gaffie last Wednesday

    OK the exploit is almost a week old already. How is this "zero-day"? In the immortal words of Inigo Montoya: "You keep using that word. I do not think it means what you think it means."

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    1. Re:How is this zero-day? by DMiax · · Score: 5, Insightful

      Nope! It's the number of days between the release date and today.

      I find little use in a definition that depends on today's date. Especially because I can read articles from saturday and they will call it 3-day, which gives me no information.

      A zero-day exploit is one that is created before a fix is available. It is more severe than others because no version of the target software is safe, even if it is constantly updated. Any security expert knows the implications of this, and how to take it into account when assessing the risks.

  2. Ball kicking time by Rogerborg · · Score: 5, Insightful

    Don't they do code reviews at Microsoft? Loops 101: prove that the loop terminates under all conditions, even and especially when passed garbage.

    Seriously, that's the difference between a hacker and a software engineer right there. If you don't take the time to fix it early, you'll just have to fix it later.

    --
    If you were blocking sigs, you wouldn't have to read this.
  3. pushing the white button?? what does that mean? by DigitalReverend · · Score: 5, Insightful

    The summary states "A maliciously crafted URI could hard-crash affected machines beyond any remedy besides pushing the white button."

    I checked all the Windows machines here. None of them have a white button on them anywhere. What does this mean? Does the poster just mean powering the machine off and then on again?

    Too many times on Slashdot, when people should be informative, they obfuscate the information it in failed attempts at being clever.

    --
    I read Slashdot for the headlines, because the headlines, unlike the articles, are usually original and never duplicated