Microsoft's latest patches hide serious threat

SMB and NetBIOS vulnerability.

Published Wed, Jan 14 2009 1:32 PM CST   |   Updated Tue, Nov 3 2020 12:37 PM CST
Three new bugs found in the way Windows handles SMB has raised the red flag for a number of security experts.

Although these bug have been patched by Microsoft people are concerned that these patches will not be put into place quickly enough to prevent their use.

The exploits can allow for remote execution and DoS attacks on the server by utilizing NetBIOS.

Read more here.

Microsoft's latest patches hide serious threat

Despite the seemingly light fare, experts say that IT should not be lackadaisical in applying the patch. An attacker does not need to steal any passwords in order to take over a machine or perform a denial-of-service (DoS) attack. Two of the vulnerabilities covered can lead to remote code execution while the third can lead to the DoS attack.

"In today's bulletin, the attacker does not require any credentials," says Amol Sarwate, manager of the vulnerabilities research lab at Qualys. "The vulnerable SMB ports are almost always guaranteed to be open for Windows to function properly so I would say this one is pretty serious."
And given the fact that the vulnerability is present on the Windows Server OS, there is no user intervention that has to occur before machines can be hacked. Just the mere presence of the server on the network makes it vulnerable.

The patch is listed "critical" on Windows 2000, XP and 2003 because NetBios is turned on be default, but only moderate on Vista and Windows Server 2008 where NetBios is off by default.

Newsletter Subscription

Related Tags

Newsletter Subscription
Latest News
View More News
Latest Reviews
View More Reviews
Latest Articles
View More Articles