Unpatched exploit gets publicity
An exploit that got missed by the patches in MS06-035 is receiving public attention on mailing lists. The exploit itself has been public since July, and got reported on by Microsoft in their blog on July 28th.
Microsoft has confirmed in that blog that this is indeed a problem that results in a crash.
We also got confirmation from Microsoft that "this is a DoS only issue that was not addressed in MS06-040, but will be addressed in a bulletin."
We are looking forward to a patch from Microsoft, but have no indication of a timeline at this point.
In the mean time, seriously consider blocking ports 135-139 and 445 if you have not done so already. It is good advise to have them restricted on all but your fileservers at all times.
Block it in your perimeter using firewalls or routers (e.g. in SOHO setups) and block them in personal firewalls to help tightening it down (think about e.g laptops outside the perimeter).
--
Swa Frantzen -- Section 66
Microsoft has confirmed in that blog that this is indeed a problem that results in a crash.
We also got confirmation from Microsoft that "this is a DoS only issue that was not addressed in MS06-040, but will be addressed in a bulletin."
We are looking forward to a patch from Microsoft, but have no indication of a timeline at this point.
In the mean time, seriously consider blocking ports 135-139 and 445 if you have not done so already. It is good advise to have them restricted on all but your fileservers at all times.
Block it in your perimeter using firewalls or routers (e.g. in SOHO setups) and block them in personal firewalls to help tightening it down (think about e.g laptops outside the perimeter).
--
Swa Frantzen -- Section 66
Keywords:
0 comment(s)
×
Diary Archives
Comments