Microsoft addressed just one bug for this month’s patch Tuesday, fixing a glitch in Windows that could allow hackers to enter malicious code or launch a denial-of-service attack on users’ PCs.
The security update was tagged critical and refers to three vulnerabilities found in Microsoft’s Server Message Block (SMB) Protocol, which allows domain controllers and printers to receive file information. The problem is known to affect all versions of Windows, including Vista, XP, and Server 2008.
For the early versions of Windows, the vulnerability was labeled critical due to the fact that the SMB Protocol is turned on by default and for Vista and Server 2008, the bug is considered moderate, because the SMB Protocol is turned off by default.
"Controlling what data is overwritten is difficult. To exploit this type of kernel buffer overrun, an attacker typically needs to be able to predict the layout and contents of memory. The memory layout of the targeted machine will depend on various factors such as the physical characteristics of the system, system load and other SMB requests it is processing," Microsoft researchers explained in the company's security blog.
Attackers could exploit the vulnerability and execute remote code to infiltrate PCs using the opened SMB ports. From this point on, malicious programs could be installed, a DoS attack could be launched and important data, such as financial information, could be accessed.
The company’s security experts recommend that all users update their SMB servers and domain controllers as soon as possible in order to make sure that any unwanted access is stopped and also use desktop firewalls to protect their networks.
