The First Windows 7 Zero-Day Exploit 289
xploraiswakco writes with the first Microsoft-confirmed Windows 7 zero-day vulnerability, with a demonstration exploit publicly available. The problem is in SMBv2 and SMBv1 and affects Windows 7 and Windows Server 2008 R2, but not Vista, XP, or Windows Server 2003. A maliciously crafted URI could hard-crash affected machines beyond any remedy besides pushing the white button. "Microsoft said it may patch the problem, but didn't spell out a timetable or commit to an out-of-cycle update before the next regularly-scheduled Patch Tuesday of December 8. Instead, the company suggested users block TCP ports 139 and 445 at the firewall." Reader xploraiswakco adds, "As important as this the mentioned article is, it should also be pointed out that any IT staff worth their pay packet should already have port 139 blocked at the firewall, and probably port 445, too."
OMG what if my computer doesnt have a white button (Score:5, Funny)
What are my options? New computer?
Not much of an exploit.. (Score:3, Funny)
No remote code execution? Boring. Let's see if some people out there could weaponize it and throw it into a metasploit module. Then it's interesting.
Well researched article, that... (Score:4, Funny)
From the article:
"Instead, the company suggested users block TCP ports 139 and 445 at the firewall. Doing so, however, would disable browsers as well as a host of critical services, including network file-sharing and IT group policies."
Good to know that blocking ports 139 and 445 will block browsers, we wouldn't want people actually doing that, after all!
Terrifyingly potent (Score:5, Funny)
A maliciously crafted URI could hard-crash affected machines beyond any remedy
Oh no! A PC-killer!
besides pushing the white button
A reboot? Well, it's an unorthodox and extreme solution to a machine crashing, we'll have a hard time convincing Windows users to do that.
Re:pushing the white button?? what does that mean? (Score:2, Funny)
Re:How is this zero-day? (Score:3, Funny)
My computer doesn't have a white button (Score:3, Funny)
... they're all black ... you insensitive clod.
Re:OMG what if my computer doesnt have a white but (Score:4, Funny)
Simply use Wite-Out, or Liquid Cover-Up, doesn't matter what button, as long as it's white.
Re:buttons (Score:5, Funny)
Re:pushing the white button?? what does that mean? (Score:5, Funny)
#3043-001 USB White Button Kit........34.99 + Shipping
Ideal for computers not shipped by the manufacturer with a White Button pre-installed.
A White Button is essential for all Windows Users. Upon a system failure, Denial of Service attack or crash, pressing the White Button releases a scientifically-formulated, airborne scent of soothing essential oil fragrances, including: Verbena, Sweet Orange, Roman Camomile and Ylang Ylag.
At the same time, one of a number of pre-programmed actions are triggered while you listen to a random selection of 10 relaxing 'mood music' tracks.
Basic actions include:
1) Reboot
2) Call my IT Support department
3) Call the manufacturer's support department and cancel my evening dinner arrangements
4) Reinstall current OS
5) Reinstall current OS after backing up all user data
6) Wipe and install CentOS
7) Wipe and install Ubuntu
8) Order me a Mac
9) Order me a Big Mac, fries and a Coke
Secondary actions can also be triggered from:
A) Call Microsoft HQ every 'x' minutes and shout 'Fuck it' down the line.
B) Post my CV to Linux-only job sites
C) Rub my shoulders (Requires optional add-on #RS01)
D) Dial local suicide help line
A deluxe version of this item is available (#3043-002, 139.99 + Shipping). This model includes an external 10" LCD panel that can display random pages from a number of Web sites (slashdot.org, fark.com, silicon.com, cloudappreciationsociety.org and todaysbigfail.com)
Extras and consumables:
* #3043-S01 Replacement aromatherapy scent cartridge - pack of 12
* #3043-S02 Replacement mustard gas scent cartridge sold singly, no returns
* #3043-M01 Extended play music ROM - an extra 4 hours of music (for Dell Support customers)
* #3043-P01 Enlarged White Button with face of Steve Ballmer on top. Comes complete with real wood mini hammer and elastic band-powered mini crossbox with safe-tip(TM) arrows (pack of 12 buttons)
"Pay packet?" (Score:4, Funny)
Mine turned out to be maliciously crafted.
Re:Are you trolling? (Score:3, Funny)
loses it's [sic] meaning
your [sic] plain wrong
That last one might be ironic.
xx
Re:My computer doesn't have a white button (Score:3, Funny)
I call it Computing with Thrills (TM) ;)
Re:How is this zero-day? (Score:4, Funny)
Exactly.
It's not as though Windows exploits are a scarce event. There'll be plenty more where that came from, so you can be semantically correct next time.
Re:Ball kicking time (Score:2, Funny)
That's setting a dangerous precident. (Score:2, Funny)
The very idea of undoing your own powerful moderation use -- even if (especially if) you used it mistakenly is very un-slashdot of you. You're supposed to stay completely anonymous in your abusive mistake, and use those points to call all opinions you don't agree with either redundant or flamebait. Didn't you read the destructions the first time you got mod points?
Re:Ball kicking time (Score:1, Funny)
Re:Are you trolling? (Score:3, Funny)
Actually, the grandparent poster is correct. Zero-day means just that. What you're talking about needs a different word.
I believe the term "Windows exploit" in itself adequately covers that it was quickly and easily discovered and abused.
Bonus points for stating that anyone who thinks differently from you must be stupid.
Damn Mac users eh?
Re:Yes, any admin... (Score:4, Funny)
...but what about home users?
What, you don't have an IT staff at home?
Re:Are you trolling? (Score:5, Funny)
I tried blaming my keyboard once. It just stared back at me knowing that it had done nothing wrong and I couldn't prove otherwise. The little bastard had me in a corner and the other people in the office were staring at me.
Re:How is this zero-day? (Score:3, Funny)
So, we'll see you next Tuesday? ;)