TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

Zero-Day Security Flaw makes Windows PC vulnerable to Denial of Service Attacks

The CERT Team has revealed that an existing vulnerability in Microsoft’s Windows Operating Systems including Windows 10 that may allow a remote, unauthenticated attacker to gain access to the Windows system. They discovered a zero-day vulnerability in the Server Message Block (SMB) of the Windows Operating systems which lets attackers carry out Denial of Service Attacks and crash the entire operating system leading to Blue Screen of Death (BSOD).

CERT collaborates with government organizations, like the U.S. Department of Defense and the Department of Homeland Security (DHS); law enforcement, including the FBI; the intelligence community; and many industry organizations on cybersecurity matter.

patch tuesday

Exploiting the vulnerability attackers can introduce all sorts of attacks such as downloading a malicious code on the victim’s PC. As per CERT, the vulnerability is applicable to Microsoft Windows 8.1 and Windows 10. Further, it may also affect the Windows Server systems, Windows Server 2016 and Windows Server 2012 R2.

The Cert Notice reads,

“Microsoft Windows fails to properly handle traffic from a malicious server. In particular, Windows fails to properly handle a specially-crafted server response that contains too many bytes following the structure defined in the SMB2 TREE_CONNECT Response structure. By connecting to a malicious SMB server, a vulnerable Windows client system may crash (BSOD) in mrxsmb20.sys”

Microsoft not rushing to Patch zero-day vulnerability

Apparently, Microsoft rated this vulnerability as low risk and will not rush for the Patch release. Laurent Gaffie the researcher behind this zero-day exploit, tweeted that he’d found a zero-day vulnerability in SMBv3 and released a proof-of-concept exploit at GitHub.

Laurent claims to have privately disclosed the issue to Microsoft on September 25 last year. Microsoft responded saying that had a patch ready for its December patch release, but decided to wait until its scheduled February 14 “Patch Tuesday” update to release several SMB patches rather than a single fix in December.

Workaround

As per CERT there is no practical solution to arrest the vulnerability as of now. The organization advises blocking outbound SMB connections from the local network to the WAN.

8 Shares

Updated on Tags:

AnkitGupta@TWCN

Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap