Windows SMB2 Vulnerability: Ability to Run Unauthorized Software on Exploited Vista PCs

A new code created by hackers that is designed to exploit a critical bug in Microsoft Windows operating system, has been released publicly. The public release of this code, or SMB2 vulnerability attack code, puts pressure on Microsoft to quickly come up with a fix to the flaw before it results in an outbreak of a computer worm that infects computers running Windows Vista SP1, Vista SP2, Windows 2008 SP1 Server and Sever SP2.

Stephen Fewer, Harmony Security’s Senior Researcher, has developed a new attack revealing that an attacker can run unauthorized software on an exploited computer. This in itself can escalate into a much bigger problem. Fewer's test code, as well as many others attack codes, have been added to an open-source penetration testing kit called Metasploit which is a computer security project that helps provide information about vulnerabilities and penetration testing.

This new SMB (server message block) Version 2 vulnerability has been known since September 7th of this year but remains to be un-patched. Other companies have developed their own attack code that exploits the same bug within Windows and added it to Metasploit. Because virtually anyone can download Metaspolit, the code can be used to attack Windows PC's. However, there remains to be a drawback in using the open source code, it only works on Windows Vista machines according to Immunity Senior Researcher Kostya Kortchinsky.

In a way, the public release of attack code to exploit a vulnerability within several versions of Windows, will force Microsoft to come up with a fix. Ultimately, this is the goal for many security researchers. Even though the bug is not known to affect other popular versions of Windows such as XP, Sever 2003, Windows 2000 and the upcoming Windows 7, it remains to be a viable threat if it is not resolved.

This flaw does not affect Windows XP, Windows 2000 and Windows Sever 2003 mainly due to the reason that this exploit resides in the SMB (server message block) version 2 system, which was first introduced in Vista. As you may know, Windows Vista came out after XP, Windows 2000 and Sever 2003. Windows 7 would be another target for this bug only it has been patched according to Kostya Kortchinsky.

The next security patch from Microsoft should be released on October 13th but researchers are still unclear if it will include a fix to the SMB (SMBv2) vulnerability.