Windows 7, Vista Zero-Day Brings BSoD

Security researcher Laurent Gaffie reports that a zero-day vulnerability affecting both Windows 7 and Vista could allow an attacker to invoke the dreaded Blue Screen of Death. Apparently there is a flaw in a Server Message Block 2 (SMB2) driver that's causing the critical system failure. Gaffie's blog, posted yesterday, says that the driver fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality. Windows Server 2008 may also be affected by the exploit.

The H Security expands on the description of the problem, reporting that the driver crashes when the "Process Id High" field of the header contains an ampersand. The attack reaches the target system over port 445 and does not require authentication. The H Security also said that an exploit written in Python is already available.
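A defender-side check for the condition described above, as an added example that is not taken from Gaffie's post or from The H Security: it parses a payload captured on TCP port 445 and flags an SMB NEGOTIATE PROTOCOL REQUEST whose "Process Id High" field contains an ampersand. The header offsets follow the published SMB1 header layout (an assumption, since the article does not give them), and the sample payloads are constructed bare headers.

```python
SMB1_MAGIC = b"\xffSMB"     # protocol id that opens an SMB1 header
SMB_COM_NEGOTIATE = 0x72    # command code of NEGOTIATE PROTOCOL REQUEST
HEADER_LEN = 32             # fixed size of the SMB1 header
PID_HIGH_OFFSET = 12        # magic(4) + command(1) + status(4) + flags(1) + flags2(2)


def check_negotiate(payload: bytes) -> str:
    """Classify one TCP/445 payload.

    Returns 'not-smb1', 'truncated', 'other-command', 'ok' or 'suspicious'.
    """
    # Direct-TCP SMB frames each message with a zero byte and a 3-byte length.
    if len(payload) < 4 or payload[0] != 0:
        return "not-smb1"
    declared = int.from_bytes(payload[1:4], "big")
    msg = payload[4:4 + declared]
    if msg[:4] != SMB1_MAGIC:
        return "not-smb1"
    if len(msg) < HEADER_LEN:
        return "truncated"      # never read header fields past the captured bytes
    if msg[4] != SMB_COM_NEGOTIATE:
        return "other-command"
    pid_high = msg[PID_HIGH_OFFSET:PID_HIGH_OFFSET + 2]
    # The condition reported in the article: an ampersand inside this field.
    return "suspicious" if b"&" in pid_high else "ok"


def sample_header(command: int, pid_high: bytes) -> bytes:
    """Constructed test input: a bare 32-byte header, no parameters or dialects."""
    hdr = (SMB1_MAGIC + bytes([command]) + bytes(4) + bytes(1) + bytes(2)
           + pid_high            # Process Id High
           + bytes(8)            # security features
           + bytes(2)            # reserved
           + bytes(8))           # TID, PIDLow, UID, MID
    return b"\x00" + len(hdr).to_bytes(3, "big") + hdr


if __name__ == "__main__":
    samples = {
        "normal negotiate": sample_header(SMB_COM_NEGOTIATE, b"\x00\x00"),
        "ampersand in field": sample_header(SMB_COM_NEGOTIATE, b"\x00&"),
        "different command": sample_header(0x73, b"\x00&"),
        "cut-off capture": sample_header(SMB_COM_NEGOTIATE, b"\x00&")[:20],
        "not SMB at all": b"GET / HTTP/1.1\r\n",
    }
    for name, data in samples.items():
        print(f"{name:20s} -> {check_negotiate(data)}")
```

The same field test can be expressed as an IDS rule; the point is that the check needs only the first 14 bytes of the SMB header and no session state.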

The site's German associate actually tested the exploit and succeeded in remotely rebooting a Windows Vista system. The test had no effect on the Windows 7 machine. According to ZDNet, security researcher (and author of Metasploit) HD Moore suggests in a tweet that an SMB bug may have already been introduced into Vista SP1.

Kevin Parrish
Contributor

  • vladtepes
    BSODs are to Windows as the spinning beach ball of death is to Mac OSX
  • NightLight
    Someone should invent a BSOD vista gadget :p
    Mine would be stuck on "0"!
  • theLaminator
    I'm still waiting to get a BSOD on my cell phone running Win Mobile, I'd quite possibly laugh my ass off. Though I'd be quite pissed if I lost data
  • sot010174
    Sorry, but even the Pentagon can be hacked, so why would Windows be more secure? I don't see the point in trying to spoil the Win7 launch party...
  • BallistaMan
    @vladtepes: Actually, Macs have kernel panics as well - basically a black screen saying "Your computer has crashed" and no useful data (well duh it crashed :P). My dad's Macbook Pro gets one of those every month or two at least.
  • vladtepes
    BallistaMan wrote: @vladtepes: Actually, Macs have kernel panics as well - basically a black screen saying "Your computer has crashed" and no useful data (well duh it crashed). My dad's Macbook Pro gets one of those every month or two at least.
    Yes I know about that, but the "beachball of death" is much funnier than "kernel panic"
  • dingumf
    Sweet, has this been patched yet?

    No? OH SHI-
  • aspireonelover
    vladtepes wrote: BSODs are to Windows as the spinning beach ball of death is to Mac OSX
    actually
    BSODs are to Windows as the Kernel Panic is to Mac OSX ;)
  • geoffs
    BallistaMan wrote: @vladtepes: Actually, Macs have kernel panics as well - basically a black screen saying "Your computer has crashed" and no useful data (well duh it crashed). My dad's Macbook Pro gets one of those every month or two at least.
    Sounds like a hardware problem or an incompatible extension (.kext).

    My MBP has only given that message 1-2x in 24 months, and I've only seen the spinning beachball a few times. My MBP is rarely rebooted, I usually just put it to sleep.
  • IzzyCraft
    not bug Feature