Microsoft offers "1-Click Workaround" for SMB2 hole
Two weeks ago, a vulnerability in the implementation of the SMB2 protocol for Windows Server 2008 and Vista was discovered, and still no patch has been provided. Microsoft is now offering a "1-Click Workaround": switch off SMB2. The process can be undone with a second click.
On September 8, Microsoft admitted that the SMB hole exists and also confirmed that the security hole can be used to inject and execute arbitrary code. Originally, it was assumed that attackers would only be able to reboot systems. However, in the two weeks following, working exploits that take over systems entirely have begun to circulate.
(djwm)