SMB 2.0 Flaw Triggers BSOD

Security researcher Laurent Gaffie published on his blog details and a proof of concept of an attack using an unpatched vulnerability in Windows SMB 2.0 file servers .

The published code can be used to crash ( as in BSOD ) any Windows Vista or later Windows OS which has the SMB service enabled and accessible – that is, pretty much any machine in the same home or corporate network as the attacker.

Researcher Ruben Santamarta, who has also studied the issue, warns that the flaw may also be exploited to gain control over affected machines, albeit not in a reliable manner. Exploit code has not been published so far.

There is no patch for this vulnerability as yet.

UPDATE:

Microsoft has published an advisory , stating that, contrary to earlier reports, Windows 7 and Windows 2008 RC2 are not vulnerable. The RC Windows 7 version is, though.

The advisory recommends blocking ports on the perimeter firewall and disabling SMB on the internal network (which is a polite way of saying there is no fix yet).