Today we released Security Advisory 977544 to provide information, including customer guidance, on a publicly reported Denial-of-Service (DoS) vulnerability affecting Server Messaging Block (SMB) Protocol. This vulnerability, in SMBv1 and SMBv2, affects Windows 7 and Windows Server 2008 R2. Windows Vista, Windows Server 2008, Windows XP, Windows Server 2003 and Windows 2000 are not affected.
I want to be clear that this is a DoS vulnerability that is unrelated to Microsoft Security Bulletin MS09-050 which addressed a remote code execution vulnerability in the SMBv2 protocol. This vulnerability would not allow an attacker to take control or install malware on a user’s system, but could cause the affected system to stop responding until manually restarted.
We are actively monitoring this situation to keep customers informed and will provide additional guidance as necessary. While we are not currently aware of active attacks, we continue to recommend customers review the mitigations and workarounds detailed in the Security Advisory to protect themselves as we work to develop a comprehensive security update.
As always, we are working with our Microsoft Active Protections Program (MAPP) partners to help provide broader protections for customers and as we become aware of new information, we’ll provide additional updates as appropriate through the Security Advisory and the MSRC blog.
As always, we continue to encourage the responsible disclosure of vulnerabilities to help ensure customers receive high-quality security updates without exposure to malicious attacks.
Thanks,
Mike Reavey
*This posting is provided “AS IS” with no warranties, and confers no rights*