Vista/Server 2008/Windows 7 remote DoS

Discuss security issues related to microsoft products

Moderator: Community Moderators

Post Reply
muto
Posts: 417
Joined: Sat Mar 29, 2008 12:46 pm

Vista/Server 2008/Windows 7 remote DoS

Post by muto » Tue Sep 08, 2009 4:31 pm

The new SMB2 stack has a lovely exploit in it, that's very close to the old 'Ping of Death'; and lets you send a single packet to bluescreen a machine running (fully patched) Windows 7, and was later confirmed to affect Server 2008 and Vista as well. It's very close to a RCE exploit as well, there's the potential for it there, but we've yet to see a working PoC...

http://isc.sans.org/diary.html?storyid=7093

muto
Posts: 417
Joined: Sat Mar 29, 2008 12:46 pm

Re: Vista/Server 2008/Windows 7 remote DoS

Post by muto » Thu Sep 17, 2009 7:31 am

It's just been confirmed that RCE is now possible through this, leading to a remote exploit that gives you administrative rights...

Worm anyone?

User avatar
TJ_2k7
Posts: 878
Joined: Wed Jul 04, 2007 6:31 pm

Re: Vista/Server 2008/Windows 7 remote DoS

Post by TJ_2k7 » Fri Sep 18, 2009 4:23 pm

I'm not surprised in the slightest, it is Microsoft after all ;)

Normal stuff will happen; Exploit is found, Microsoft posts 'security bulletin' and then sends a update over Windows Update =/

Darkness62
Posts: 4
Joined: Tue Nov 10, 2009 6:41 pm

Re: Vista/Server 2008/Windows 7 remote DoS

Post by Darkness62 » Tue Nov 10, 2009 7:00 pm

Do all OS's have the same issues or is it just Microsoft?

User avatar
ICT Tech
Community Master Admin
Posts: 1415
Joined: Thu Jul 26, 2007 6:33 pm
Location: In my chair!

Re: Vista/Server 2008/Windows 7 remote DoS

Post by ICT Tech » Sun Dec 06, 2009 12:52 am

Just Microsoft!!! :lol:

Well now, Microsoft doe have these exploits are in MS OS's, however, when a new OS is released they normally all do have some bugs, but they normally all get patched with the Updates etc :P
ICT Tech
Senior Community Admin

muto
Posts: 417
Joined: Sat Mar 29, 2008 12:46 pm

Re: Vista/Server 2008/Windows 7 remote DoS

Post by muto » Sun Dec 06, 2009 9:25 am

Yeah, but Linux doesn't leave you vulnerable for a whole month until they get off the arses and do an update. When a Linux 0day comes out, there's almost always a patch being pushed within 24 hours, less if it's critical.

User avatar
ICT Tech
Community Master Admin
Posts: 1415
Joined: Thu Jul 26, 2007 6:33 pm
Location: In my chair!

Re: Vista/Server 2008/Windows 7 remote DoS

Post by ICT Tech » Mon Dec 07, 2009 10:04 pm

muto wrote:Yeah, but Linux doesn't leave you vulnerable for a whole month until they get off the arses and do an update. When a Linux 0day comes out, there's almost always a patch being pushed within 24 hours, less if it's critical.
That's very true!

That is actually very true!! :P
ICT Tech
Senior Community Admin

Post Reply