Slashdot Mirror

← Back to Stories (view on slashdot.org)

The First Windows 7 Zero-Day Exploit

Posted by kdawson on from the think-global-print-local dept.

xploraiswakco writes with the first Microsoft-confirmed Windows 7 zero-day vulnerability, with a demonstration exploit publicly available. The problem is in SMBv2 and SMBv1 and affects Windows 7 and Windows Server 2008 R2, but not Vista, XP, or Windows Server 2003. A maliciously crafted URI could hard-crash affected machines beyond any remedy besides pushing the white button. "Microsoft said it may patch the problem, but didn't spell out a timetable or commit to an out-of-cycle update before the next regularly-scheduled Patch Tuesday of December 8. Instead, the company suggested users block TCP ports 139 and 445 at the firewall." Reader xploraiswakco adds, "As important as this the mentioned article is, it should also be pointed out that any IT staff worth their pay packet should already have port 139 blocked at the firewall, and probably port 445, too."

6 of 289 comments (clear)

  1. Re:Are you trolling? by Anonymous Coward · · Score: 0, Offtopic

    The part that you added did not change the meaning of the quotation at all. If you really don't like partial sentence quotations then you might be better off not reading anything, ever.

  2. Re:OMG what if my computer doesnt have a white but by AndGodSed · · Score: 0, Offtopic

    Oh come on! That is seriously funny whomever voted this flamebait. It right up there with "Where is the any key!?!?!"

    --

    Seven Days with Ubuntu Unity

  3. Re:How is this zero-day? by webmistressrachel · · Score: -1, Offtopic

    OH dear. Fucking semantics. Big deal if noone can ever communicate what they mean properly and we descend into a planet of the apes. Never mind everything being dumbed down in education, BUT NOT HERE. THIS IS WHERE I DRAW THE LINE. We are geeks, comms geeks no less. Get off my (only 28yo) lawn!!!!

    --
    This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
  4. Re:buttons by webmistressrachel · · Score: -1, Offtopic

    I get mod points far too often for my karma, and waste them on "Get off my lawn" trolls for the giggles. Now I wish I hadn't. I was always mature for my age, and finally along comes a really good get off my lawn and I can't mod you up! You're either informative or insightful, but not both lol (work that out, it's a joke at the mod system, not a dig at you!). Here, have a reply point!

    --
    This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
  5. Re:How is this zero-day? by Anonymous Coward · · Score: -1, Offtopic

    "Get off my (only 28yo) lawn, you damn ape kids!!!!" :>

  6. Re:How is this zero-day? by NotBornYesterday · · Score: 0, Offtopic

    Take your stinking paws off my lawn, you damned dirty ape!

    --
    I prefer rogues to imbeciles because they sometimes take a rest.