Sent to you by l5g via Google Reader:
via hacking expose! : extreme disclosure by noreply@blogger.com (d3ck4) on 10/1/09
picture shows an ethical test drive (with *permission* of cos ;-) of the latest smb2 remote command execution exploit (metasploit version) against windows vista home premium service pack 1
Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
This module exploits an out of bounds function table dereference in the SMB request validation code of the SRV2.SYS driver included with Windows Vista, Windows 7 release candidates (not RTM), and Windows 2008 Server prior to R2. Windows Vista without SP1 does not seem affected by this flaw.
this issue has been notified here before. details about the vulnerability advisory and workaround is here or read more here. the exploit is now public, a new worm is set to launch for sure while the patch is soon to be available..
..and all the kids goes to heaven ;-)
knock! knock! wake up!
Things you can do from here:
- Subscribe to hacking expose! : extreme disclosure using Google Reader
- Get started using Google Reader to easily keep up with all your favorite sites
No comments:
Post a Comment