Shinare
SEXNOCULAR
Joined: 17 Mar 2004
Posts: 13332
Location: Up your butt with a coconut!!
|
Vulnerability/Exploit Alert
|
|
You all have probably heard about this already, but I thought I would pass this along.
A flaw in the Microsoft SMB2 protocol has been identified and is being
actively exploited. While originally identified as a denial-of-service
issue, recent developments indicate that a remote code execution component
will be added to attack frameworks in the very near future. A successful
attack could result in the attacker obtaining complete control of the
compromised
system. In the absence of a patch, Microsoft recommends that users disable
SMB v2
and block TCP ports 139 and 445 at the firewall.
This should be a best practice for any internet facing Microsoft server.
The vulnerability exists on SMB2 in Windows Vista SP1 and above and in
Server 2008 operating systems.
Heres a link to a new article that contains links to REG files that will automatically disable SMB2 and also one that will re-enable it. _________________ For with what measure you measure it will be measured to you.
|