Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Microsoft has raced to ship a one-off workaround for the Server Message Block (SMB) v2 vulnerability disclosed earlier this week, in order to mitigate the risk of users’ Vista or Windows Server 2008 products being hacked.The one-click fix, which was added to a Microsoft security advisory, has been designed to provide users’ machines with temporary respite from any remote code execution attacks targeting the known vulnerability, by disabling SMBv2 and then stopping and starting the Server service.However, Redmond warned that disabling SMBv2 may slow down SMB connections between Windows Vista and Windows Server 2008 machines.The firm also confirmed that the exploit code developed for the vulnerability by penetration testing firm Immunity does indeed work. “It works reliably against 32-bit Windows Vista and Windows Server 2008 systems,” said Microsoft in a posting on its Security Research and Defense blog."The exploit gains complete control of the targeted system and can be launched by an unauthenticated user.”As with other security issues brought to light by researchers, such as the disclosure of IIS vulnerabilities recently, Microsoft is again holding the line that customers may have been put at unnecessary risk by the irresponsible way such vulnerabilities were disclosed.“We continue to encourage responsible disclosure of vulnerabilities,” wrote the firm in its accompanying security advisory.“We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests.”
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.