Security 10809 Published by

Heise reports that a vulnerability in Microsoft's implementation of the SMB2 protocol can be exploited via the net to crash or reboot Windows Vista and Windows 7 systems.



An exploit written in Python is already available. A test at heise Security, The H's German associates, confirmed that the exploit enabled a remote reboot of a Vista system. However, in the test, the exploit had no apparent effect on a computer running Windows 7. According to the report written by Laurent Gaffie, who discovered the vulnerability, Windows Server 2008 might also be affected, since all of the systems named used the same SMB2.0 driver. Windows 2000 and XP were not affected, however, since they do not support SMB2.
Hole in Windows Vista and 7 allows remote reboot