|Microsoft issues critical Windows patches|
Patch Tuesday - September 2009
September's Patch Tuesday is here with a number of vulnerabilities patched across several MS OSs (not Windows 7).
|Microsoft issues critical Windows patches [news.cnet.com] |
Microsoft on Tuesday issued five critical Windows-related updates as part of its monthly Patch Tuesday release.
While the issues affect different versions of Windows differently, Microsoft said none of the issues apply to the final version of Windows 7, which Microsoft wrapped up in July.
The five bulletins address eight vulnerabilities. According to Symantec Security Response research manager Ben Greenbaum, the two vulnerabilities most likely to be used by attackers involve the way Windows handles ASF and MP3 media files. "We've seen similar exploits in the past and all a user would have to do is visit a compromised Web site hosting one of these malicious files, which could be an MP3, WMA or WMV file, and they could become infected."
Thanks for that Bill.
wonder if/when they want to address this issue:
Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D.
SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionnality.
The NEGOTIATE PROTOCOL REQUEST is the first SMB query a client send to a SMB server, and it's used to identify the SMB dialect that will be used for futher communication.
V. BUSINESS IMPACT
An attacker can remotly crash any Vista/Windows 7 machine with SMB enable.
Windows Xp, 2k, are NOT affected as they dont have this driver.
VI. SYSTEMS AFFECTED
Windows Vista/7 All (64b/32b�SP1/SP2 fully updated) and possibly Win Server 2008
as it use the same SMB2.0 driver (but not tested).
<added> Apparently from [lists.grok.org.uk...]
[edited by: bill at 7:35 am (utc) on Sep. 9, 2009]
[edit reason] Added link to source [/edit]
You neglected to quote this part:
or this part:
|- Release date: September 7th, 2009 |
|VII. SOLUTION |
Vendor contacted, but no patch available for the moment.
Close SMB feature and ports, until a patch is provided.
I'd assume that means it is in process as MS has been notified, and 1 day notice wasn't long enough to allow MS to make the patch, test it and have it in a form that was ready to release. If it becomes an actively exploited hole you can bet that MS will escalate it.
Keep in mind that Windows 7, while having reached RTM, isn't being sold publicly yet. That might shift the priority for this patch a little.
I looked at the SMB vulnerability a bit more, and that is a zero-day vulnerability. Microsoft has released Security Advisory (975497) [microsoft.com]: Vulnerabilities in SMB Could Allow Remote Code Execution
This affects SMB sharing technology in Vista, Windows Server 2008, and Windows 7. In Windows 7 this is not a problem in the RTM, but it is a problem in the RC version of Windows 7. Beware.
The suggestion is that a firewall on your PC or network should protect you from this vulnerability until a patch is made available.