MS Releases Temp Fix for Critical SMB Network Flaw

A critical flaw in Microsoft's Windows Vista and Windows Server 2008 has been addressed by a recent temporary "Fix It" solution. The workaround for the problem in the Server Message Block (SMB) protocol version 2 could prevent hackers from remotely invading and raiding your operating system's data.

Win7 RC Not Spared Vulnerability

Plenty of press surrounded the fact that the problem affected early versions of Windows 7, which is due to be released to the public this coming October 22nd. Some analysts wondered aloud if the issue could mar the company's big launch party.

To date, there haven't yet been any reports of attacks. That said, the error, which affects the way the Microsoft SMBv2 network file sharing protocol parses SMB requests, could prove devastating if exploited. Microsoft proved that last week by releasing test exploit code capable of taking over a system. "The exploit gains complete control of the targeted system and can be launched by an unauthenticated user," said members of Microsoft's Security Response Center engineering team.

The Temporary Workaround

Simple: Microsoft is telling users to go ahead and cut all support for the SMBv2 protocol. That can be achieved by installing a "Fix It" solution package from the company's web site. Although the solution could make for slower connections between Vista and Windows Server 2008 machines, it's a quick and easy fix for an issue many felt should have been addressed weeks ago. (Source: crn.com)

Microsoft assured users that it is working on a full patch for the problem, but recommended that everyone download the "Fix It" package from its support site, available by clicking here. It's possible that a more definitive solution will be available in time for the company's next Patch Tuesday in several weeks, but Microsoft has yet to confirm that. (Source: computerworld.com)