An independent security consultant publicized this week the details to a critical flaw in the simple message block version 2 (SMB2) component of Microsoft's Windows Vista, Windows Server 2008, and the release candidate for Windows 7.
The researcher, Laurent Gaffié, claimed in his advisory that the vulnerability causes a Blue Screen of Death, a pernicious crash on Windows system, but other researchers have subsequently concluded that the flaw is actually remotely exploitable, a more serious issue.
Microsoft acknowledged the flaw on Tuesday in an advisory. The flaw does not affect the latest version of Windows 7, Windows Server 2008 R2, nor Windows XP, the company stated. Microsoft took the researcher to task for disclosing the information before it fixed the security issue.
Yet, Gaffié argued that the disclosure was fair. The software company should have done more software quality assurance (SQA) on the networking components, he said in an e-mail interview with SecurityFocus. If they did, they would have easily found the issue -- it took his fuzzer only 15 packets to crash the component, he said.
"So I personally think the one who has been irresponsible is Microsoft for shipping this driver on any Server 2008, Vista, and Windows 7 (system) without doing any SQA and security review," he responded.
Gaffié said he notified the company, but had a typo in the e-mail address.
While Microsoft has not released a fix for the issue, the software giant recommended that administrators disable SMB version 2 or block the specific TCP ports (139 and 445) used by the file-sharing feature.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos