EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

11.12.09

Vista 7 Exploit is Out (Zero-Day Vulnerability)

Posted in Microsoft, Security, Servers, Vista 7, Windows at 12:11 pm by Dr. Roy Schestowitz

Vista 7

Summary: Vista 7 and Server 2008 R2 both suffer from a zero-day hole and there is no solution to it yet

VISTA 7 was never a secure operating system, not even when it was in beta. To give a sample of posts on that matter:

The reality of this matter is that Vista 7, as expected, has a very major new flaw, which is already being exploited

This bug is a real proof that SDL #FAIL
The bug trigger an infinite loop on smb{1,2}, pre-auth, no credential needed…
Can be trigered outside the lan via (IE*)

It sure sounds familiar and Microsoft does no deny it.

Microsoft probing Windows 7 zero-day hole

Microsoft said on Wednesday it is looking into a report of a vulnerability in Windows 7 and Server 2008 Release 2 that could be used by an attacker to remotely crash the computer.

[...]

Gaffié also posted proof-of-concept code for the “Windows 7, Server 2008R2 Remote Kernel Crash.”

“It is an error in the SMB protocol,” tells one person, “and it sends the machine into an infinite loop. Power cycle or reset time it is.”

A reader of ours asks: “Isn’t this a repeat of the teardrops-like exploit from this summer / fall?

“If so, then the reporters seem to think they can get away with [fooling] the public as to how long Microsoft is taking to patch their problems.”

Update: The Windows kernel has just had critical holes addressed, but the above remains unpatched.

Microsoft on Tuesday issued six security bulletins fixing 15 vulnerabilities, including a critical patch for holes in the Windows kernel and other Windows and Office components that could allow an attacker to take control of a computer.

One of our readers was unable to find out if the RBS disaster has Windows to blame. It’s too secretive.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 15/4/2014: Lots of PCLinuxOS Releases, Ukraine Updates

    Links for the day



  2. Apple and Microsoft Actively Lobbying Against Patent Reform in the US

    Apple and Microsoft are reportedly intervening/interfering with US law in order to ensure that the law is Free/libre software-hostile



  3. Lawsuit by Microsoft Shareholder Targets Fine for Crimes Rather Than the Crimes Themselves

    A new lawsuit by a Microsoft shareholder shows everything that's wrong with today's model of accountability, where those who are responsible for crimes are accused of not avoiding fines rather than committing the crimes



  4. Public Institutions Must Dump PRISM-Associated Software

    Another reminder that taxpayers-subsidised services should refuse, as a matter of principle, to pay anything for -- let alone deploy -- proprietary software with back doors



  5. GNU/Linux News: The Opportunities Amid XP EOL

    Links for the day



  6. Microsoft Gets Its Money's Worth From Xamarin: PlayStation 4 Now Polluted by Microsoft

    The Trojan horse of Microsoft, Xamarin, is pushing .NET into Microsoft's console competitor



  7. After Brendan Eich Comes Chris Beard

    Having removed Brendan Eich using bullying and blackmail tactics, his foes inside Mozilla achieved too little as we have yet another man (coming from inside Mozilla) acting as CEO



  8. Healthcare News: Free Software in Health, Humanitarian Causes

    Links for the day



  9. Links 14/4/2014: MakuluLinux, Many Games, More Privacy News and Pulitzer Prize for NSA Revelations

    Links for the day



  10. TechBytes Episode 87: Catching up With Surveillance (NSA, GCHQ et al.)

    The first audio episode in a very long time covers some of the latest happenings when it comes to privacy and, contrariwise, mass surveillance



  11. Server News: KVM, ElasticHosts, Other GNU/Linux Items, and Open Network Linux

    Links for the day



  12. Hardware News: Freedom, Modding, Hackability on the Rise

    Links for the day



  13. Distributions News: GNU/Linux Distros

    Links for the day



  14. GNOME News: Financial Issues, Mutter-Wayland, West Coast Summit, Community Participation

    Links for the day



  15. KDE News: Kubuntu at the Centre Again KDE Applications Updated

    Links for the day



  16. Techrights Rising

    Effective immediately, Techrights will do what it takes to bring back old volume and pace of publishing



  17. Links: Surveillance, Intervention, Torture and Drones

    Links for the day



  18. Mobile Linux Not Just Android: Jolla, WebOS, and Firefox OS News

    Links for the day



  19. Google's Linux Revolution: New Gains for Android, Chrome OS (GNU/Linux)

    Links for the day



  20. Free/Libre Databases News: MongoDB, NoSQL, and MySQL Branches/Forks

    Links for the day



  21. Open Access on the Rise: Textbooks, Journals, Etc.

    Links for the day



  22. Finance Watch (Watching What's Not Being Watched): Economic Warfare/Class Injustice

    Links for the day



  23. Climate and Ecology Watch: News About a World Being Destroyed

    Links for the day



  24. Copyright News: DRM, Censorship, Megaupload, Hypocrisy, and Impact on the Internet

    Links for the day



  25. Sharing Works: Latest News Stories About Crowd-sourcing, Sharing, Transparency

    Links for the day



  26. Links 12/4/2014: Games

    Links for the day



  27. Links 12/4/2014: Applications

    Links for the day



  28. Links 12/4/2014: Instructionals

    Links for the day



  29. Political News: Protests Face a Ban, Covert Actions Continue, Cold War Era Imperialism, Privacy, and War on Justice

    Links for the day



  30. Ubuntu News: Themes, Unity 8, Meizu Phone, Ubuntu Touch, and Elementary OS

    Links for the day


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts