Although it is a mildly critical problem that can hit a server with a denial of service attack from a local network, Microsoft has verified a workaround for a newly reported Windows vulnerability that affects XP, Server 2003, and Windows 2000 Server versions.
Restricting traffic to ports 135-139 and 445 have been confirmed by Microsoft as a workaround for a new DoS problem reported by ISS X-Force.
X-Force summarized the issue, which became public after Microsoft released its July patch updates to the public:
Multiple versions of Microsoft Windows are vulnerable to a null pointer dereference in the server driver (srv.sys). By sending a specially-crafted network packet to an affected system, a remote attacker could cause the system to crash.
The advisory from X-Force also claimed that exploit code is floating around in the wild. It will cause a vulnerable machine to "reliably" blue-screen, and that will require a reboot.
Microsoft's Adrian Stone, with the company's Security Response Center, wrote that they are investigating the problem. They have not received any reports of attacks at this time.
The exploit code does cause an affected system to crash. However, Stone pointed out that they "have not identified any possibilities with this issue that could allow remote code execution."
iEntry 10th Anniversary
RSS
Archive
Del.icio.us
Digg
Yahoo! My Web
Furl
