
The Redmond-based company has rated two of the bugs as "critical" and the third as "moderate." The critical bugs are reported to be extremely dangerous because attackers can exploit them by simply sending malformed data to vulnerable, unpatched machines.
(The vulnerability is rated "critical" for Microsoft Windows 2000, Windows XP and Windows Server 2003, and "moderate" for Windows Vista and Windows Server 2008. Windows Vista and Windows Server 2008 are not affected by the SMB Buffer Overflow Remote Code Execution vulnerability.)
The latest bugs were found by researchers using information disclosed in SMB fixes Microsoft released in October and November. Microsoft also issued the first patch for the Windows 7 operating system (Beta), which was made available for download last week. That update fixes a flaw that removes several seconds of audio from any edited MP3 file (weird flaw).
Apparently the SMB vulnerability in Windows 7 will be fixed in the next public release of Windows 7.
To read about the vulnerability report, visit the Microsoft Security Bulletin.
The latest update did not include an SQL Server patch — one that was expected by some researchers. Microsoft had announced last month that older versions of its SQL Server database contained a critical vulnerability — one that could be exploited to allow an attacker to execute code.
In another development — again concerning a Microsoft vulnerability — many anti-virus companies, such as F-Secure, Symantec and Panda Security, have stated that variants of the Conficker/Kido/Downadup worm are spreading through networks and have infected more than a million PCs. The vulnerability, which was detailed in a report on the Microsoft Security Center and followed by a patch release, does not seem to have been plugged by users and system administrators. This lack of urgency has led to the proliferation of the worm, which can now also infect networked machines via flash storage.