The Patch Tuesday, which occurs the second Tuesday of each month is the day that Microsoft makes available to its customers the latest security patches for its softwares. And last Tuesday, a flaw of the type “zero-day” in Windows 7 and Windows Server 2008 R2 was not noticed in time. The problem? If this vulnerability is used, it can crash the remotely of computer.
The risk of the flaw
A security researcher who discovered the flaw said that the vulnerability could cause a kernel crash remotely. Microsoft explains this issue by the maladaptation of the Server Message Block (SMB) service of the operating system, which could cause a denial of service. Because this vulnerability would then create an infinite loop within the SMB network protocol.
He also explains that regardless of the configuration of a firewall, an attack can be orchestrated within a network through an infected computer through Internet Explorer or by sending a SMB malicious packet, as the NetBIOS Naming Service.
Microsoft counterattacks
But Microsoft defends itself by saying that no attack has been recorded yet and we can not prejudge a code injection. And Microsoft has corrected in November over a dozen vulnerabilities through the Tuesday Patch.
Tags: Flaws, OS, Softwares, Windows, Windows 7, Windows Flaws, Windows Server 2008
