The Hackr

Zero Day Security flaw in windows leads to BSOD

US-CERT or United States Computer Emergency Readiness Team has recently discovered a Zero Day Vulnerability present in SMB (Service Message Block) service of the Microsoft Windows that allows an attacker to carry out a Denial of Service attack and crash the entire system thus leading to Blue Screen of Death (BSOD).

What Is Zero Day Vulnerability?

A zero day vulnerability refers to a hole in software that is unknown to the vendor. Hackers exploited this security hole before the vendor becomes aware and hurries to fix it—this exploit is called a zero day attack.

CERT’s advisory specifies that “by connecting to a malicious SMB server (Server Message Block), a vulnerable Windows client system may crash BSOD in mrxsmb20.sys.”

Further, making use of this vulnerability, an attacker can launch attacks of all sorts and also execute arbitrary code. This vulnerability makes the Windows 10 and Windows 8.1 expose to exploitation and also may affect Windows Server systems.

The advisory also states that Microsoft Windows has failed to handle traffic coming from a malicious or infected server properly and also it cannot handle server response that contains too many bytes “following the structure defined in the SMB2 TREE_CONNECT Response structure.”

The CERT team also reproduced the attack method by conducting a denial of service attack onto computers running patched versions of Windows 8.1 and Windows 10. However, the team could not successfully run arbitrary code.

The problem may worsen now since the exploit code that may let attackers take advantage of this zero-day vulnerability is already available online and therefore, a patch for the flaw is required badly. Until then, US-CERT cannot provide a solution to keep the users safe. It, however, has provided a temporary fix in the form of blocking outbound SMB connections on the local network.

Abhilash

It was a hobby I got into a long time ago, hacking cameras. And I am here making posts @TheHackr today!

Chat With Our Bot ☎️

IntroducingTheHackr Chatbot,now anyone can interact with our messenger bot and get daily crunches about Cyber-Security in just a clicks away!

up