Patch Tuesday: One update fixes three holes in Windows Server Message Block

Microsoft's regularly scheduled Patch Tuesday update fixes three bugs in the Windows Server Message Block (SMB) file and print service. The patch is rated critical for Windows 2000, XP and Windows Server 2003 systems and moderate for Vista and Windows Server 2008. Microsoft said that corporate users should patch SMB servers and domain controllers immediately, since a denial-of-service attack would have a high impact.

An attacker who exploited these holes could potentially install programs; view, change, or delete data; or create new accounts with full user rights. But Microsoft also said that the odds of attackers successfully exploiting these holes are iffy. According to the Security Vulnerability Research & Defense blog:

"The vulnerabilities cause a fixed value (zero) to be written to kernel memory – not data that the attacker controls. Controlling what data is overwritten is difficult. To exploit this type of kernel buffer overrun, an attacker typically needs to be able to predict the layout and contents of memory. The memory layout of the targeted machine will depend on various factors such as the physical characteristics (RAM, CPUs) of the system, system load, other SMB requests it is processing, etc."

On the other hand, IDG News Service reports that one hacker has already released DoS code that he says can be used to make an unpatched Vista system crash. Patching sooner, rather than later, is advisable.


Copyright © 2009 IDG Communications, Inc.
