|
Full Disclosure
mailing list archives
Re: Microsuck delaying patch for SMB2 on purpose?
From: Sub <fd () xu9 de>
Date: Thu, 01 Oct 2009 15:22:11 +0200
windows xp does not support smb2, so there will never be a patch! ;)
Rohit Patnaik schrieb:
I'm pretty sure that Microsoft has already released a fix for this. I
know they've patched Vista and Windows 7, and they've decided publicly
not to backport the fix to Windows XP.
--Rohit Patnaik
On Wed, Sep 30, 2009 at 8:34 PM, Nick <nick58 () gmail com
<mailto:nick58 () gmail com>> wrote:
A new exploit for the _Smb2ValidateProviderCallback() function has
been released by the same person who created the Denial of Service
exploit, except this one is able to execute code remotely. It
seems that ms is sort of delaying the quick fix for this exploit.
Whats even sadder is that they knew about it when they developed
windows 7 but didn't care to patch windows vista. If they dont
release a patch soon, viruses will be all over the internet...
Exploit code:
http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
------------------------------------------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
