Zero-Day Exploit Exposed
A security expert who goes by the name of "Cupidon-3005" has uploaded proof-of–concept code for an exploit that can blue screen all versions of Windows. The most vulnerable, according to Microsoft, are Windows Domain Controllers.
Not only can an attacker blue screen your machines, it also opens the machines up to remote code execution.
"The vulnerability is inside an error-reporting function of the CIFS browser service module. The function gets a variable number of arguments as parameters. Those string arguments are pushed on the stack for processing. In some cases, some of the strings can be controlled by the attacker," a TechNet blog explained.
Posted by Doug Barney on 02/23/2011 at 1:18 PM