Microsoft closes three holes in Windows
As previously announced, Microsoft has released a security update for Windows to close a total of three holes in the SMB protocol implementation. All three holes are based on buffer overflows. Two of them can apparently be exploited to inject and execute code remotely, without previous authentication. The third buffer overflow reportedly only causes the computer to reboot.
However, according to Microsoft's "Exploitability Index" the holes are not likely to be targeted, as Redmond considers creating an exploit too much effort for programmers. Nevertheless, Microsoft has rated the flaws in Windows 2000, XP, and Server 2003 as critical.
The risk for Vista and Server 2008 is rated as moderate and in any case these products aren't affected by one of the holes (CVE-2008-4834). The beta version of Windows 7 reportedly only contains the denial-of-service vulnerability that can cause a computer to reboot. According to the Microsoft Security Response Center (MSRC), an update is to be included in the next beta version.
With the January edition of its "Malicious Software Removal Tools", Microsoft added signatures for the Conficker RPC worm which has recently caused considerable trouble for quite a few MS customers. Conficker exploits a hole that has been known since October. Microsoft provided a patch soon after the vulnerability was discovered.
- Vulnerabilities in SMB Could Allow Remote Code Execution (958687), Microsoft Security Bulletin MS09-001