o-day vulnerability SMB /CIFS Windows

Discussion in 'ESET NOD32 Antivirus' started by duijv023, Feb 24, 2011.

Thread Status:
Not open for further replies.
  1. duijv023

    duijv023 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    230
    Location:
    Rijnsburg, Netherlands
    Hi there,

    Does anyone know a good workaround for this issue
    http://blogs.technet.com/b/mmpc/archive/2011/02/16/my-sweet-valentine-the-cifs-browser-protocol-heap-corruption-vulnerability.aspx

    it is also mentioned here:
    http://blogs.technet.com/b/srd/archive/2011/02/16/notes-on-exploitability-of-the-recent-windows-browser-protocol-issue.aspx

    and here:
    http://isc.sans.edu/diary.html?storyid=10423

    One of my customers is (fully patched) coping with this as his machine illegally tries to become the masterbrowser.
    When it ocurs he even cannot acces files on a Novell server :eek:

    Greetings from holland
     
  2. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    I would turn off the Computer Browser service if you don't need it and make a habit of turning off NetBIOS on the network adapters when the systems go out assuming you have proper DNS infrastructure in place.
     
Thread Status:
Not open for further replies.