The Microsoft Tax: Windows 7 zero-day flaw enables attackers to cripple PCs; Macintosh unaffected

“Microsoft late on Friday confirmed that an unpatched vulnerability exists in Windows 7, but downplayed the problem, saying most users would be protected from attack by blocking two ports on their firewall,” Gregg Keizer reports for Computerworld.

“In a security advisory, Microsoft acknowledged that a bug in SMB (Server Message Block), a Microsoft-made network file and print-sharing protocol, could be used by attackers to cripple Windows 7 and Windows Server 2008 R2 machines,” Keizer reports. “The zero-day vulnerability was first reported by Canadian researcher Laurent Gaffie last Wednesday, when he revealed the bug and posted proof-of-concept attack code to the Full Disclosure security mailing list and his blog. According to Gaffie, exploiting the flaw crashes Windows 7 and Server 2008 R2 systems so thoroughly that the only recourse is to manually power off the computers.”

Keizer reports, “Attacks could be aimed at any browser, not just Internet Explorer (IE), Microsoft warned. After tricking users into visiting a malicious site or a previously-compromised domain, hackers could feed them specially-crafted URIs (uniform resource identifier), and then crash their PCs with malformed SMB packets.”

Keizer reports, “Microsoft said it may patch the problem, but didn’t spell out a timetable or commit to an out-of-cycle update before the next regularly-scheduled Patch Tuesday of Dec. 8. Instead, the company suggested users block TCP ports 139 and 445 at the firewall. Doing so, however, would disable browsers as well as a host of critical services, including network file-sharing and IT group policies.”

MacDailyNews Take: Oh, that’s convenient. Who needs to browse the Web with their PC, anyway? Just wait until December 8th. Good thing you “saved” $69 on that shitastic Dell laptop instead of getting that Apple MacBook you really wanted, huh, Lauren? Lauren? Oh, Laaauuuren?

Full article here.


29 Comments

  1. “…saying most users would be protected from attack by blocking two ports on their firewall,”

    Ah, yes. Very user-friendly. Perhaps they should include that in their commercials — “Win 7 was made by me… and btw be sure to block two ports on your firewall, and don’t forget to open ipconfig and blah blah blah…” Windows is such a POS.

  2. The only reason that we are forced to use the network layers of the OSI for security is because Microsoft sucks. If they simply did things like make applications that didn’t have functionality problems, we wouldn’t have to block traffic.

    Properly made applications would reject malformed data on their input port. But alas, thanks to everyone being paranoid, we have to modify our networks to protect users from the shit products that they use.

    I have had Macs on the internet since 1995 – I have never turned on a firewall or used a piece of anti-virus software. I have run mail and email servers on them as well. I have seen millions of attacks on these machines, but never once was I ever broached because I didn’t choose to use shit products from a shit company.

  3. According to Gaffie, exploiting the flaw crashes Windows 7 and Server 2008 R2 systems so thoroughly that the only recourse is to manually power off the computers.

    Are you kidding? Pulling the plug is the only way I can log out. Ever.

  4. How can Microsoft “downplay” a vulnerability which requires users to block ports on their firewall that will cripple their web browsers?

    Microsoft said it may patch the problem,

    …”may”?? What, if they happen to feel like it?

    but didn’t spell out a timetable or commit to an out-of-cycle update

    Oh, well no hurry guys, don’t rush or anything… sheesh.

  5. Hi Grandma,

    It’s almost Tuesday and close to another patch-day for your computer. Good news … you don’t need to call me this week (BTW, just to bring up something we talked about last time, 9am in NY is not noon in CA). Anyway, with your upgrade to Vista, Microsoft has a much improved patch program. They now have a “yeah, right” or “as if!” policy, adapting some of the more insightful technological theories from Valley Girls, Inc. So, no more patches! Who would’ve thunk they had made such progress!

    L, Bud

  6. 7ista users would be easily protected from attack by simply disconnecting the computer’s power cable. Until next month or so. (other attacks not included in this message.)

    Best wishes and good luck,

    Steve Ballmer

  7. …”most don’t even know what a firewall is”…

    Most people I know call it fireball, but still don’t know what its purpose is. Also, I often hear them mention gates when trying to talk about ports…

  8. At least the vulnerability can’t be used to turn your Windows PC into a spambot. It just crashes your PC. I think that’s an improvement.

  9. While this is a significant hole in Windows 7’s security, until there is an exploit in the wild Mac users should not gloat. There have been security holes found in Mac OS X, but none have an exploit in the wild. Thus, for all practical purposes, those “proof of concept” exploits have not mattered.

    While there are many hacks out there in the wild attacking Windows, pointing to this one zero-day exploit is a worthless effort. If an exploit shows up in the wild before Microsoft patches this hole then it will be a major issue. Until then it’s just something to note and move on.

  10. Oh yeah, Windows 7 sure closes the gap between Macs and PCs *snicker*

    I wonder what happened to all those people who were posting comments here about how W7 fixed everything that was wrong with Windows and how it so totally wasn’t like Vista and how the glowing praise was really genuine this time and not the usual artificial praise that Microsoft manufactures out every time a new Windows comes down the pike.

    What happened to them? Oh right.

    Recent layoffs at Redmond

  11. But it’s so easy to do:
    How to disable port 445?
    You can easily disable port 445 on your computer. To do so follow these instructions:
    1. Start Registry Editor (Regedit.exe).
    2. Locate the following key in the registry:
    HKLM\System\CurrentControlSet\Services\NetBT\Parameters
    3. In the right-hand side of the window find an option called TransportBindName.
    4. Double click that value, and then delete the default value, thus giving it a blank value.
    5. Close the registry editor.
    6. Reboot your computer.
    7. After rebooting open a command prompt and in it type: netstat -an
    See that your computer no longer listens to port 445.

    Windows is such sweet employment security for IT.
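The `netstat -an` check in step 7 of the comment above can be done mechanically, and for both TCP ports named in the advisory (139 and 445) rather than 445 alone. The following is an added example, not part of the original post or comments; it assumes English-language Windows `netstat -an` output, and the sample text and the function name `smb_listeners` are constructed for illustration.

```python
SMB_TCP_PORTS = {139, 445}  # the two TCP ports named in the advisory

# Constructed `netstat -an` output (English-language Windows layout), not from a real host.
SAMPLE_BEFORE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:49213     192.168.1.20:445       ESTABLISHED
  TCP    0.0.0.0:4450           0.0.0.0:0              LISTENING
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:137            *:*
"""

# Constructed output for a host where 445 is no longer bound but 139 still is.
SAMPLE_AFTER = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:49213     192.168.1.20:445       ESTABLISHED
"""


def smb_listeners(netstat_text, ports=SMB_TCP_PORTS):
    """Return (local_address, port) for every TCP socket LISTENING on an SMB port."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have exactly four columns; UDP rows and headers do not.
        if len(fields) != 4 or fields[0].upper() != "TCP":
            continue
        _proto, local, _foreign, state = fields
        if state.upper() != "LISTENING":
            continue  # an outbound session to a remote :445 is not a listener
        # Split on the last colon so IPv6 literals such as [::] stay intact.
        addr, _, port = local.rpartition(":")
        if port.isdigit() and int(port) in ports:
            found.append((addr, int(port)))
    return found


if __name__ == "__main__":
    for label, text in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(label, smb_listeners(text) or "no SMB listeners")
```

An empty result means nothing on the host is accepting connections on either port; a remaining entry for 139 shows that checking only for 445 would miss a listener.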

  12. What the article fails to say is that most ISPs actually block any internet traffic on these ports already. These are known vulnerable ports from a long long time ago and any Firewall administrator that doesn’t have these ports blocked already should be fired.
