Microsoft patches SMB vulnerability

Yesterday evening Microsoft issued a security bulletin concerning a security vulnerability in the SMB processing of Windows operating systems. The holes in the software are considered critical up to Windows Server 2003 and may allow attackers to execute remotely injected malware; in Vista and Windows Server 2008 they get rated less critical. Windows 7 only contains a DoS issue where the SMB service would fail and trigger a computer reboot.

Server administrators and users are advised to install the patch ASAP, even though Microsoft mentions that the security weakness should be hard to abuse. We’ve been taught better in the past.

Dirk Knop
Technical Editor