Windows 7 DoS flaw allows hackers to freeze Microsoft's newest OS

By Robert Westervelt, News Editor 16 Nov 2009 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Microsoft issued an advisory Friday warning users of a serious denial-of-service (DoS) vulnerability in the protocol that handles messages between devices on a network for its newest Windows 7 operating system.

SearchSecurity.com: To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

The flaw, found in the Server Message Block (SMB), could allow a denial of service and crash a Windows 7 machine if exploited by an attacker. The Windows 7 DoS vulnerability could be exploited if a victim visits a malicious website.

"While we are not currently aware of active attacks, we continue to recommend customers review the mitigations and workarounds detailed in the security advisory to protect themselves as we work to develop a comprehensive security update," Mike Reavey, group manager at the Microsoft Security Response Center wrote in the MSRC blog.

Reavey said Microsoft engineers are working on an update to correct the Windows 7 DoS error. Disabling SMBv2 is not an effective workaround. According to a report issued by the SANS Institute, the flaw affects both SMBv1 and SMBv2.

Microsoft security updates: Oct - Microsoft addresses critical SMBv2 flaw, fixes record number of flaws: Microsoft addressed three critical vulnerabilities in Windows Server Message Block. Thirteen bulletins addressed a record 34 flaws.  Sept. - Microsoft repairs Windows media, TCP/IP vulnerabilities: Microsoft released five critical updates fixing a serious flaw in the Windows Media Format Runtime engine and TCP/IP processing errors that could crash Web and mail servers.  Aug. - Microsoft fixes Office Web Components vulnerability, kill-bit bypass: Microsoft repaired critical vulnerabilities in Microsoft Office Web Components affecting Office Word, Excel and PowerPoint viewer as well as its ISA and BizTalk servers.

The Microsoft security advisory urges customers to halt all SMB communications to and from the Internet by blocking TCP ports 139 and 445 at the firewall. The Windows 7 DoS workaround could cause some applications and services to fail, Microsoft said, but it would block any Web-based attacks from taking place.

To exploit the flaw, Microsoft said an attacker could force an SMB connection to an SMB server controlled by the attacker. The connection would then send a malicious SMB response to the victim's machine causing the Windows 7 system to freeze. A Web-based attack can be carried out if the victim is using any standard browser.

The DoS vulnerability affects Windows 7 32-bit and 64-based systems as well as Windows Server 2008 R2 on 64-based and Itanium-based systems. The United States Computer Emergency Readiness Team warned users and administrators Monday to review the Microsoft security advisory and enable the workaround.

It is the second security flaw to affect the fully released version of Windows 7. Microsoft issued a security update in October addressing ActiveX control issues in Windows 7 as a result of components built using a flawed version of Microsoft Active Template Library.

Tags: Windows Security: Alerts, Updates and Best Practices,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Windows Security: Alerts, Updates and Best Practices Microsoft to fix 26 flaws in Windows, Office Microsoft warns that IE zero-day vulnerability causes data leakage Microsoft issues critical security update, blocks IE 6 attacks Microsoft emergency IE update to block latest corporate attacks Latest zero-day attacks only target IE 6, Microsoft says Hackers used IE zero-day in Google, Adobe attacks, McAfee says Microsoft issues advisory on Internet Explorer zero-day Microsoft releases Windows OpenType Font Engine patch Microsoft to patch single Windows 2000 vulnerability IIS configuration error leads to increased threat, Microsoft says

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary BotHunter  (SearchSecurity.com) principle of least privilege (POLP)  (SearchSecurity.com) security identifier  (SearchSecurity.com) trusted computing  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary