Windows 7 zero-day reported
Summary
A security researcher said there is a zero-day vulnerability affecting Windows 7 and Vista. The alleged flaw could allow an attack that could cause the "Blue Screen of Death."
Topics
A security researcher has said there is a zero-day vulnerability affecting Windows 7 and Vista.
The flaw in Windows 7 could allow an attack which would cause a critical system error, or "Blue Screen of Death", according to researcher Laurent Gaffie.
Gaffie wrote in his blog that the flaw lies in a Server Message Block 2 (SMB2) driver.
"SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality," wrote Gaffie in a blog post on Monday.
Gaffie said he had contacted Microsoft. Comments on his blog by other users said that the flaw could lead not only to denial of service, but could also lead to remote code execution.
Computer security publication 'The H' wrote on Tuesday that its German sister publication had tested the proof-of-concept code, and that while the exploit had caused a reboot on Vista, the exploit had not worked on Windows 7.
Metasploit creator HD Moore said in a tweet on Tuesday that an SMB bug appeared to have been introduced into Vista SP1. Coder Josh Goebel said in a blog post that he had added the exploit code to Metasploit.
Microsoft had not responded to a request for comment at the time of writing.
This article was originally posted on ZDNet UK.
Just In
I think if this can be duplicated (as it seems from the story the 'bug' is inconsistent) the it will be patched. Every software has bugs and few software is more complex than an OS.
Windows needs to be completely rewritten. These daily exploits are just ridiculous.
These daily exploits are just ridiculous.
Hmmmm...what was yesterady's? Sunday's? Saturday's?
Hmmmm...what was yesterady's? Sunday's? Saturday's?
is this why I payed $300 for? I need my money back! I was robed by M$. I should have stayed with Linux instead.
Wait a minute. False alarm. My home Computers are all Ubuntu linux base.
Wait a minute. False alarm. My home Computers are all Ubuntu linux base.
Linux has it's share of vulnerabilities and so does windows, but the difference is that you pay money to get windows, while Linux is free and libre.
And when something like this comes along, the hard-earned money I paid will go towards the salary of the folks that will put out a patch for this 'flaw' by next tuesday. As opposed to me freely posting on Ubuntu forums and waiting for someone to freely care enough to freely code a patch. As always, you get what you pay for.
"The views expressed here are mine and do not reflect the official opinion of my employer or the organization through which the Internet was accessed."
"The views expressed here are mine and do not reflect the official opinion of my employer or the organization through which the Internet was accessed."
That assumes that the fix will be available by the next Tuesday of which I don't believe there is a guarantee.
It also makes an incorrect assertion that it is only hobby coders are fixing the linux Kernel vulnerabilities. Several companies have an interest in the kernel and actually pay their own coders to spend time submitting fixes. True, there may be less predictability of patch delivery (knowing it will be on a Tuesday but not necessarily predictability of which Tuesday).
I have been trying to locate recent studies which compare average time to deliver patches but have not found one that is not slanted to one side or the other to a large extent (ie MS funded or a pro-linux site). If any would have a comparison, that would be beneficial.
It also makes an incorrect assertion that it is only hobby coders are fixing the linux Kernel vulnerabilities. Several companies have an interest in the kernel and actually pay their own coders to spend time submitting fixes. True, there may be less predictability of patch delivery (knowing it will be on a Tuesday but not necessarily predictability of which Tuesday).
I have been trying to locate recent studies which compare average time to deliver patches but have not found one that is not slanted to one side or the other to a large extent (ie MS funded or a pro-linux site). If any would have a comparison, that would be beneficial.
Usually, as soon as I hear about a vulnerability I find a patch in the repositories the same day with Debian.
If I'm not mistaken it has sometimes taken MS month to fix vulnerabilities. Years even...
If I'm not mistaken it has sometimes taken MS month to fix vulnerabilities. Years even...
Refer back to that 8 year old vulnurabiilty of Linux? Well to be fair, I think it only was in effect for 3 or 4 years. Sooo, lets not start getting anecdotal 'evidence'.
"The views expressed here are mine and do not reflect the official opinion of my employer or the organization through which the Internet was accessed."
"The views expressed here are mine and do not reflect the official opinion of my employer or the organization through which the Internet was accessed."
Difference is, Tim Patterson was writing about known vulnerabilities that went unpatched for years in Windows systems...
The vulnerability you describe was fixed same day.
The vulnerability you describe was fixed same day.
Now stop trying to spread FUD.
Linux has it's share of vulnerabilities and so does windows, but the difference is that you pay money to get windows, while Linux is free and libre.
Nobody said Linux is perfect. Just that Windows is
worse or at best even, and costs hundreds of
dollars.
worse or at best even, and costs hundreds of
dollars.
is even worse than the first one. Windows is 'worse' or at best 'even'. By what parameters? You've contributed nothing other then an irrelevant POV.
"The views expressed here are mine and do not reflect the official opinion of my employer or the organization through which the Internet was accessed."
"The views expressed here are mine and do not reflect the official opinion of my employer or the organization through which the Internet was accessed."
Just pointing out ye's straw man antics.
Oh look...yet another windows vulnerability...totally shocking.
Last time i checked.. at the Hacker convention last year (i forget what its called), Mac OS X was easier to hack than Windows. You Windows haters need to chill the fk out.
That the poster you responded to has a user name of linuxer.
Perhaps instead of flying off the handle and assuming you could perhaps take a look and get a better idea of what is being said and/or referenced?
Perhaps instead of flying off the handle and assuming you could perhaps take a look and get a better idea of what is being said and/or referenced?
Ya, Windows is atrocious, but that doesn't mean
you have to throw a fit every time somebody
acknowledges this fact. After all, it is
your choice to use it.
you have to throw a fit every time somebody
acknowledges this fact. After all, it is
your choice to use it.
Apple plugs 33 Mac OS X security holes. If you stick to mechanical typewriters you'll be safe from every software bug.
Windows Firewall is enabled by default, so the exploit can't work from remote.
Title is misleading. Win 7 not released yet so not even zero-day. More like, -1 day exploit. Shocking that an unreleased piece of software (albeit beta-tested) should have some holes to plug prior to release. Color me surprised. Really.
"The views expressed here are mine and do not reflect the official opinion of my employer or the organization through which the Internet was accessed."
"The views expressed here are mine and do not reflect the official opinion of my employer or the organization through which the Internet was accessed."
Comment on 'In Addition' statement. Windows 7 is released. The question is was the this exploit being tested on Windows 7 Beta or on the released Windows 7 RTM and will MS correct it in the RTM release before the Oct 22 general public release?
the Windows update by the time it goes public. The first thing I do when installing any os is update immediately.
It will be patched even in the existing beta/rtm installs that are out in the wild currently. Even if you have build 7000, you are still getting security patches. Also, RTM =/ release. On sale to public = release = October 22nd is it?
EDIT: Nevermind. It won't be patched, as there's nothing TO patch. Win 7 unaffected: http://news.zdnet.com/2100-9595_22-340550.html
"The views expressed here are mine and do not reflect the official opinion of my employer or the organization through which the Internet was accessed."
EDIT: Nevermind. It won't be patched, as there's nothing TO patch. Win 7 unaffected: http://news.zdnet.com/2100-9595_22-340550.html
"The views expressed here are mine and do not reflect the official opinion of my employer or the organization through which the Internet was accessed."
You just can't officially buy it yet.
Why can't Ed (the) Bot or Mary Jo Foley ever report on these
things? Or, do the just report on the Mac exploits?... :-/
things? Or, do the just report on the Mac exploits?... :-/
"The flaw in Windows 7 could allow an attack which would cause a critical system error, or "Blue Screen of Death", according to researcher Laurent Gaffie. "
...
"and that while the exploit had caused a reboot on Vista, the exploit had not worked on Windows 7. "
So if the exploit does not work on Windows 7, why is the article entitled "Windows 7 zero-day reported" and why is there references to "the flaw in windows 7"?
Did you even read the original report:
http://lists.grok.org.uk/pipermail/full-disclosure/2009-September/070568.html
========================================
VI. SYSTEMS AFFECTED
-------------------------
Windows Vista/7 All (64b/32b|SP1/SP2 fully updated) and possibly Win Server
2008
as it use the same SMB2.0 driver (not tested).
======================================
NOT TESTED. The reporter only assumed the vulnerability was present. It's irresponsible on his part and shoddy journalism on yours.
...
"and that while the exploit had caused a reboot on Vista, the exploit had not worked on Windows 7. "
So if the exploit does not work on Windows 7, why is the article entitled "Windows 7 zero-day reported" and why is there references to "the flaw in windows 7"?
Did you even read the original report:
http://lists.grok.org.uk/pipermail/full-disclosure/2009-September/070568.html
========================================
VI. SYSTEMS AFFECTED
-------------------------
Windows Vista/7 All (64b/32b|SP1/SP2 fully updated) and possibly Win Server
2008
as it use the same SMB2.0 driver (not tested).
======================================
NOT TESTED. The reporter only assumed the vulnerability was present. It's irresponsible on his part and shoddy journalism on yours.
Well they have found one reason why Vista crashes to a BSOD, how many more are there? That is why it is best to follow the trailing edge of technology, many of the bugs are fixed.
None of the major systems are immune. They are all more or less on par re:security and usability. Whichever system you use and like is the best system in the world...for you. No one is going to change your mind, and I seriously doubt that any of you can change anyone's mind on their preferred system. So, keep on with your keeping on and don't worry about the rest!
wondering why I blue screened in vista the other day I wonder wonder wonder...
Join the conversation!
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Vendor Showcase
Facebook Activity
