Linked by Thom Holwerda on Tue 8th Sep 2009 21:58 UTC
Windows We usually don't report on security flaws, unless they're on platforms that usually don't see such flaws, or when the flaw in question is pretty serious. Well, a new zero-day flaw has been discovered in Windows Vista and Windows 7 which will trigger a blue screen of death using the new SMB 2.0 protocol. Update: Windows 7 RTM and Windows Server 2008 R2 are not affected by the flaw. So, this is less of a problem than expected.
Thread beginning with comment 383056
To read all comments associated with this story, please click here.
Comment by daedalus8
by daedalus8 on Wed 9th Sep 2009 16:37 UTC
daedalus8
Member since:
2008-03-10

Test your code against RTM and see if it works. I haven't done so yet. But after seeing the notepad awesomeness and now SMB.. I think that Adobe/CA(Computer Associates) can rest assured that they will never have the most crappy software design.

I leave you guys with some ASM code to test out. This is not a BSOD issue, it's a Remote Exploit. A hax0r can take over your machine, so it's a bit more than just making it unavailable.. I smell botnets!!!

http://www.reversemode.com/index.php?option=com_mamblog&Itemid=15&t...

Reply Score: 1

RE: Comment by daedalus8
by PlatformAgnostic on Thu 10th Sep 2009 05:39 in reply to "Comment by daedalus8"
PlatformAgnostic Member since:
2006-01-02

What's this "notepad awesomeness"?

Reply Parent Score: 2

RE[2]: Comment by daedalus8
by Slambert666 on Thu 10th Sep 2009 12:48 in reply to "RE: Comment by daedalus8"
Slambert666 Member since:
2008-10-30

What's this "notepad awesomeness"?


On 7 Notepad does not need UAC elevation (it is elevated by default). So you can inject code into the Notepad process and have it auto elevate (if you are so inclined).

Reply Parent Score: 1