Microsoft has released an advisory for a zero day bug that cropped up in Windows 7 the day after last week's November Patch Tuesday release. The vulnerability lies in the Server Message Block (SMB) protocol, which is used for file and printer sharing, and can reportedly be used by attackers to remotely crash any Windows 7 or Windows Server 2008 R2 system.
Microsoft is "actively monitoring" the vulnerability with the help of partners in its Microsoft Active Protections Program (MAPP), and may decide to fix the issue in next month's Patch Tuesday update or through a rare out-of-band patch, the company said in the advisory.
In the advisory, Microsoft also chides unnamed parties for not following the principles of responsible disclosure. Last week, security researcher Laurent Gaffie published a proof of concept for the flaw on the Full Disclosure mailing list.
Full Story
No comments:
Post a Comment