Microsoft Windows 7 SMB DoS Vulnerability
 |
 |
 |
 |
 |
A denial of service vulnerability has been discovered in the way that the Microsoft Server Message Block (SMB) protocol. This vulnerability affects Windows Server 2008 and is also the first zero-day bug announced for Windows 7.
The SMB protocol is a network file sharing protocol that is implemented in Microsoft Windows. The vulnerability is due to an error in the SMB implementation that fails to sufficiently validate all fields when parsing specially crafted SMB packets. A remote attacker could exploit this flaw via a specially crafted network message. Successful exploitation could cause a denial of service condition on the target system and cause it to stop responding until manually restarted. Proof-of-concept exploit code is available in the wild.
Check Point provides immediate protection for this vulnerability through its IPS products, IPS Software Blade, SmartDefense, and IPS-1. These protections detect and block malformed SMB packets. Check Point announced IPS protection for this unpatched vulnerability before any other major IPS vendor. For more information, see CPAI-2009-296.