Windows 7 escaped this week's monthly patch process, but it has not escaped the attention of hackers. Some security researchers say they have found the first Windows 7 zero-day vulnerability. Microsoft is investigating the issue.
Security researcher Laurent Gaffié on Wednesday (Nov. 11) criticized Microsoft's SDL (Security Development Lifecycle) process. He also published proof-of-concept code for a security vulnerability. He said the exploit code could crash Windows 7 and Windows Server 2008 R2 systems.
In his blog, Gaffié said the security hole is real proof that the SDL failed. The flaw is simple: if there were an SDL, the vulnerability should have been discovered two years ago.
The core of the vulnerability is in SMB (Server Message Block), the protocol that underlies Windows file sharing. Gaffié said the security hole is caused by an infinite loop in the SMB protocol and can be triggered remotely through the IE browser. Before releasing the proof-of-concept exploit code on Nov. 11, Gaffié had notified Microsoft about the vulnerability on November 8.
Although Microsoft has had SMB protocol vulnerabilities in the past, security researchers say such vulnerabilities are difficult to exploit under the default firewall settings. There is a workaround: block ports 135, 139 and 445 at the router or firewall to keep SMB traffic from outside out of the system.
Chet Wisniewski, senior security consultant at anti-virus software company Sophos, was not surprised that a security vulnerability was found so soon after the release of Windows 7. He said this is because the Windows 7 code was finalized as early as this summer, so attackers have had plenty of time to find a security vulnerability in it. The vulnerability is not difficult to discover, which led the attacker to boast and to say that this Microsoft hole is so stupid.
The security hole poses no danger to users. As Gaffié pointed out, exploiting this vulnerability could crash the host, which means the computer will restart. Wisniewski pointed out that the zero-day flaw has so far not taken the form of a worm and affects only Windows 7 and Windows Server 2008 R2. This means that, for now, the attack is a denial-of-service attack.