SMB 2.0 Flaw Triggers BSOD

Vista, Windows 7 Vulnerability Unpatched Yet

Security researcher Laurent Gaffie published on his blog details and a proof of concept of an attack using an unpatched vulnerability in Windows SMB 2.0 file servers .

The published code can be used to crash ( as in BSOD ) any Windows Vista or later Windows OS which has the SMB service enabled and accessible – that is, pretty much any machine in the same home or corporate network as the attacker.

Researcher Ruben Santamarta, who has also studied the issue, warns that the flaw may also be exploited to gain control over affected machines, albeit not in a reliable manner. Exploit code has not been published so far.

There is no patch for this vulnerability as yet.


Microsoft has published an advisory , stating that, contrary to earlier reports, Windows 7 and Windows 2008 RC2 are not vulnerable. The RC Windows 7 version is, though.

The advisory recommends blocking ports on the perimeter firewall and disabling SMB on the internal network (which is a polite way of saying there is no fix yet).

About the author


Razvan Stoica is a journalist turned teacher turned publicist and
technology evangelist. When Bitdefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking.

Razvan Stoica started off writing for a science monthly and was the chief
editor of a science fiction magazine for a short while before moving on to
the University of Medicine in Bucharest where he lectured on the English
language. Recruited by Bitdefender in 2004 to add zest to the company's
online presence, he has fulfilled a bevy of roles within the company since.

In his current position, he is primarily responsible for the communications and community-building efforts of the Bitdefender research and technology development arm.