Microsoft Acknowledges Windows SMB Zero-Day Flaw

Posted 02/16/2011 at 1:35pm | by Pulkit Chandna

2

Comments

Print

A security researcher, known only by his nom de guerre “Cupidon-3005,” disclosed a new zero-day bug in Windows Server Message Block (SMB) on Monday. Opting for full disclosure, the security researcher posted exploit code for the vulnerability that, according to Secunia, can be exploited “to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.”

It has been confirmed to affect Windows Server 2003 SP2 and Microsoft Windows XP SP3 by French security firm VUPEN.

“This issue is caused by a heap overflow error in the‘BowserWriteErrorLogEntry()’ function within the Windows NT SMB Minirdr ‘mrxsmb.sys’ driver when processing malformed Browser Election requests, which could be exploited by remote unauthenticated attackers to crash an affected system or potentially execute arbitrary code with elevated privileges,” reads a VUPEN advisory about the vulnerability.

Microsoft acknowledged the vulnerability in an e-mail statement on Tuesday and said that the issue was being investigated. "Once we're done investigating, we will take appropriate action to help protect customers. This may include providing a security update through the monthly release process, an out-of-cycle update or additional guidance to help customers protect themselves."