Redmond (ip-192.com): Microsoft discovered a new vulnerability in the Server Message Block (SMB) 2 network file- and print-sharing protocol in Windows Vista, Windows Server 2008, and the release candidates of Windows 7 and Windows Server 2008 R2 that can be used to hijack PCs, according to a press release.
Microsoft has issued a security advisory confirming the bug and the fact that it could be used to "take complete control of an affected system." The new editions of Windows 7 and Windows Server 2008 R2 are not affected, along with earlier versions of the operating system, including Windows 2000, XP and Server 2003.
Microsoft recommends that users disable SMB 2 by editing the Windows Registry or block TCP Ports 139 and 445 at the firewall until a patch is available. However, the company acknowledged that blocking those ports would cripple several services and applications.
The Windows bug was disclosed the same day Microsoft delivered five critical updates that patched eight vulnerabilities in Windows, including one in the JavaScript engine that ships with every supported version of the operating system.
Recent Comments