Security advisory issued late Tuesday by Microsoft on a reported zero-day flaw in Windows Vista and Windows Server 2008 has it that Microsoft is investigating new public reports of a possible vulnerability in Microsoft Server Message Block (SMB) implementation.
The software maker said the latest issue affects the 'release candidate' version of Windows 7, but not the final version that was completed in July. Also, the recently completed Windows Server 2008 R2 is not vulnerable, nor are the earlier Windows XP and Windows 2000 operating systems. Microsoft said it will take action, which could include releasing a patch during its next monthly cycle or doing an 'out-of-band' release, if necessary.
The remote reboot flaw in Microsoft’s implementation of the SMB2 protocol expose users of Windows Vista to the teardrop attacks that used to be popular on Windows95. The flaw could allow an attacker to remotely crash any Windows Vista machine with SMB enabled.
Sign up here with your email