Microsoft Windows SMB Tree Connect Response memory corruption vulnerability

ronjor · Feb 2, 2017

Original Release date: 02 Feb 2017 | Last revised: 02 Feb 2017

Overview

Microsoft Windows contains a memory corruption bug in the handling of SMB traffic, which may allow a remote, unauthenticated attacker to cause a denial of service or potentially execute arbitrary code on a vulnerable system.
Click to expand...

Minimalist · Feb 4, 2017

Op-ed: Windows 10 0day exploit goes wild, and so do Microsoft marketers
There's a zero-day exploit in the wild that exploits a key file-sharing protocol in all supported versions of Windows. That includes Windows 10, the latest and most secure version of the Microsoft operating system. The exploit is probably not worth worrying about, but you'd never know that based on the statement Microsoft officials issued on Thursday when asked what kind of threat the exploit poses:

"Windows is the only platform with a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible," an unnamed spokesperson replied in an e-mail. "We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection."
Click to expand...

https://arstechnica.com/security/20...ofts-0day-exploit-communications-we-all-lose/

emmjay · Feb 4, 2017

This vulnerability just applies to Enterprise servers. This is how I read it.

It is up to the IT Specialists to deal with specific SMB versions they use. I read the Technet article and that how it reads to me.

Seems after 50 years in business, MS would have handled this situation a lot better. This is now the talking point rather than the status of the exploit.

Minimalist · Feb 28, 2017

In what’s turning out to be the zero day that keeps on giving, researchers are still finding ways to exploit an unpatched denial of service vulnerability that exists in the way Windows implements the Server Message Block protocol.
Click to expand...

https://threatpost.com/unpatched-smb-zero-day-easily-exploitable

itman · Feb 28, 2017

If you have a firewall with IDS protection such as Eset's, just disable anything to do with SMB. It's not need for stand-alone PC's.

Minimalist · Mar 2, 2017

Virtual Patching in the Spotlight Due to Unpatched Microsoft Vulnerabilities

Due to three recently disclosed Microsoft vulnerabilities, the use of Intrusion prevention system (IPS) protection to shield against vulnerabilities (often referred to as Virtual Patching) is back in the spotlight. These allow systems to be protected even if patches have not yet been released by vendors. The vulnerabilities were in the following components:

Core SMB service

Microsoft Internet Explorer and Microsoft Edge

Graphics Device Interface

Let’s take a quick look at these vulnerabilities to understand them and their potential impact. We will also look at what mitigations you can use in the absence of patches for these.
Click to expand...

http://blog.trendmicro.com/trendlab...ight-due-unpatched-microsoft-vulnerabilities/

ronjor · Mar 16, 2017

Microsoft SMBv1 Vulnerability

Original release date: March 16, 2017
Microsoft has released a security update to address a vulnerability in implementations of Server Message Block 1.0 (SMBv1). Exploitation of this vulnerability could allow a remote attacker to take control of an affected system.
Click to expand...

Log in or Sign up

Microsoft Windows SMB Tree Connect Response memory corruption vulnerability

ronjor Global Moderator

Minimalist Registered Member

emmjay Registered Member

Minimalist Registered Member

itman Registered Member

Minimalist Registered Member

ronjor Global Moderator

Log in or Sign up

Microsoft Windows SMB Tree Connect Response memory corruption vulnerability

ronjor Global Moderator

Minimalist Registered Member

emmjay Registered Member

Minimalist Registered Member

itman Registered Member

Minimalist Registered Member

ronjor Global Moderator

Useful Searches