Microsoft urges users to disable vulnerable Windows network protocol

Analysis
Sep 21, 20092 mins

Attack code exploits a critical unpatched bug in Server Message Block 2.

Attack code that exploits a critical unpatched bug in Windows is likely to go public soon. Until Microsoft can create a fix, the company wants users to run an automated tool that disables the vulnerable component. The bug is in SMB (Server Message Block) 2, a Microsoft-made network file- and print-sharing protocol that ships with Windows, affects Windows Vista, Windows Server 2008 and preview releases of Windows 7.

The automated “Fix it” tool posted Friday automatically disables the SMB 2 service, rendering any attack moot. That, however, also makes it impossible for PCs to communicate to file servers and network printers using the protocol, reports Computerworld.

The flaw was first disclosed Sept. 7 and since then, researchers have become increasingly alarmed by it. It may be used to create a worm, some say. The open-source Metasploit pen-testing software plans to add the attack code this week, according to HD Moore , a noted security researcher and one of Metasploit’s makers. Metasploit’s exploit code is often used by hackers to build malicious attacks.

Like this post? Check out these others.
  • Virtual Computer solves the XP to W7 upgrade problem
  • The iland Workforce Cloud: Go ahead keep your head and desktop in the cloud
  • Avaya Buys Nortel. What’s that mean for Microsoft?
  • Use FILESTREAM Data in 2008 but watch out…
  • Keys to Creating Successful Global Teams
  • Why you need vendors to adopt OVF before you move to the cloud
  • Virtualization Day: Virtual Machine Manager R2 RTM and Windows 7 XP Mode
  • September giveaways: Training and books

Plus, visit the Microsoft Subnet web site for more news, blogs, podcasts. Subscribe to all Microsoft Subnet bloggers. Sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert.) Follow All Microsoft Subnet bloggers on Twitter

Follow Julie Bort on Twitter