Windows 7, Vista Zero-Day Brings BSoD
An exploit in the SRV2.SYS driver can allow an attacker to remotely crash a PC with Windows 7 or Windows Vista.
Security researcher Laurent Gaffie reports that a zero-day vulnerability affecting both Windows 7 and Vista could allow an attacker to invoke the dreaded Blue Screen of Death. Apparently there is a flaw in a Server Message Block 2 (SMB2) driver that's causing the critical system failure. Gaffie's blog, posted yesterday, says that the driver fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality. Windows Server 2008 may also be affected by the exploit.
"An attacker can remotely crash any Vista/Windows 7 machine with SMB enabled," the blog reads. Apparently, Windows XP and 2000 are not affected, as they do not have the SRV2.SYS driver. Gaffie provides a proof of concept sample, and suggests that users close the SMB ports by un-ticking the boxes for file and printer access in the firewall settings until Microsoft releases a patch. Gaffie also contacted Microsoft, however no reply has been provided as of this writing.
The H Security expands on the problem's definition, reporting that the driver crashes when the header of the "Process Id High" field contains an ampersand. The attack can travel through port 445 of the target system, and does not require authentication. The H Security also said that an exploit written in Python is already available.
The site's German associate actually tested the exploit, and succeeded in remotely rebooting a Windows Vista system. The test had no affect on the Windows 7 machine. According to ZDNet, Security researcher (and author of Metasploit) HD Moore suggests in this tweet that a SMB bug may have already been introduced into Vista SP1.

Mine would be stuck on "0"!
Yes I know about that, but the "beachball of death" is much funnier than "kernel panic"
No? OH SHI-
actually
BSODs are to Windows as the Kernel Panic is to Mac OSX
My MBP has only given that message 1-2x in 24 months, and I've only seen the spinning beachball a few times. My MBP is rarely rebooted, I usually just put it to sleep.
If it was in vista too, how come it took this long to find?
confirmed to work on windows 7 64bit (crashed it three times about 20 minutes ago...)
If you need to connect into work, use a VPN and those ports/protocols can run over the VPN.
I think most ISPs block traffic on this port because of all the issues it brings... like file shares over the internet (I had fun with that lol). Most routers should be blocking it as well but that doesn't mean your safe. plug directly into the internet with an ISP that doesn't block traffic on that port and your vulnerable.
It's a very real concern for any user. for example: piss of someone in an online chat or something and they could DoS your computer. a simple loop in the python script and as long as your computer is connected to the internet you wouldn't be able to use it (would normal users think to unhook the internet when they get a BSOD? not unless they take it in to be "fixed" = $$$ free cash for the tech)
Just because this implementation of the exploit causes BSODs doesn't mean it's the only thing the bug could do.. maybe there's an opening for getting arbitrary code to execute?
If it works over lan it will work over wan since wan is like a huge lan working on the same principles.
However in the best/worse case scenario a lan exploit needs some tweaking in order to become effective over wan.