Tuesday February 9, 2010 11:31 PM AEST

SC Magazine Australia/NZ > News > Patch Management > Microsoft > Microsoft rushes out quick fix for SMB flaw

Vulnerability Alerts

SANS

Infocon: green
Oracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html, (Tue, Feb 9th)

Microsoft

Microsoft Security Bulletin Advance Notification for February 2010
Microsoft Security Advisory (980088): Vulnerability in Internet Explorer Could Allow Information Disclosure

CERT/CC

Latest Comments

"I too have been a labor voter for many years and will not be voting for them again. The ..."

on Net filter legislation to go public by March

by maxt | Feb 9, 2010 7:56 PM

"I’ve just had a user receive a rehashed version of this with an attached html file containing a ..."

on ATO struck by new phishing scam

by Owen Lutz | Feb 9, 2010 6:01 PM

"hi"

on Chinese hacker school shut down

by manish kumar | Feb 9, 2010 4:27 PM

"Hey 'hey con-roy' ... from Google Australia's head of policy Iarla Flynn"We don't believe that ..."

on Conroy meets with Google for YouTube filtering

by Keep it real | Feb 9, 2010 3:33 PM

"@penno Off-site storage is a good solution unless you have some decent backup software to ..."

on Opinion: My holiday tip - backup your data now

by Charmgene | Feb 9, 2010 2:36 PM

Microsoft

Microsoft rushes out quick fix for SMB flaw

Issue affects Vista and Windows Server 2008 users.

Microsoft has raced to ship a one-off workaround for the Server Message Block (SMB) v2 vulnerability disclosed earlier this week, in order to mitigate the risk of users’ Vista or Windows Server 2008 products being hacked.

The one-click fix, which was added to a Microsoft security advisory, has been designed to provide users’ machines with temporary respite from any remote code execution attacks targeting the known vulnerability, by disabling SMBv2 and then stopping and starting the Server service.

However, Redmond warned that disabling SMBv2 may slow down SMB connections between Windows Vista and Windows Server 2008 machines.

The firm also confirmed that the exploit code developed for the vulnerability by penetration testing firm Immunity does indeed work. “It works reliably against 32-bit Windows Vista and Windows Server 2008 systems,” said Microsoft in a posting on its Security Research and Defense blog.

"The exploit gains complete control of the targeted system and can be launched by an unauthenticated user.”

As with other security issues brought to light by researchers, such as the disclosure of IIS vulnerabilities recently, Microsoft is again holding the line that customers may have been put at unnecessary risk by the irresponsible way such vulnerabilities were disclosed.

“We continue to encourage responsible disclosure of vulnerabilities,” wrote the firm in its accompanying security advisory.

“We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests.”

Ads by Google

Thoughts on this article? Add a comment below.

Be the first to comment on this article.

Report this comment as offensive:

* Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.

Name:

Email:

(will not be displayed)

Comment:

(HTML not permitted)

Validation

Enter the code you see below:

Most Read
Most Discussed
Latest News

Patch Management Whitepapers

Microsoft rushes out quick fix for SMB flaw

SC MAGAZINE SITEMAP

CATEGORIES

News

Alerts

Products

Stats

Blogs

Photo Galleries

Whitepapers

Events

Jobs

Downloads

Vulnerabilities & Exploits

Breaches & Exposures

Messaging

Mobile

Access Control

Biometrics & Forensics

Legal

Risk Management

Job Centre

Patch Management