US-CERT (the United States Computer Emergency Readiness Team) has recently discovered a zero-day vulnerability in the SMB (Server Message Block) service of Microsoft Windows that allows an attacker to carry out a denial-of-service attack and crash the entire system, leading to a Blue Screen of Death (BSOD).
What Is a Zero-Day Vulnerability?
A zero-day vulnerability refers to a hole in software that is unknown to the vendor. Hackers exploit this security hole before the vendor becomes aware of it and hurries to fix it; this exploit is called a zero-day attack.
Further, by making use of this vulnerability, an attacker can launch attacks of all sorts and also execute arbitrary code. This vulnerability exposes Windows 10 and Windows 8.1 to exploitation and may also affect Windows Server systems.
The advisory also states that Microsoft Windows fails to properly handle traffic coming from a malicious or infected server, and that it cannot handle a server response that contains too many bytes “following the structure defined in the SMB2 TREE_CONNECT Response structure.”
The CERT team also reproduced the attack method by conducting a denial-of-service attack against computers running patched versions of Windows 8.1 and Windows 10. However, the team could not successfully run arbitrary code.
The problem may worsen now, since exploit code that may let attackers take advantage of this zero-day vulnerability is already available online; a patch for the flaw is therefore badly needed. Until then, US-CERT cannot provide a solution to keep users safe. It has, however, provided a temporary fix in the form of blocking outbound SMB connections on the local network.
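The condition the advisory describes, a TREE_CONNECT response carrying more bytes than its structure defines, can be checked for on captured traffic. The following is an added detection example, not code from the advisory or from Microsoft. It assumes unencrypted SMB2 carried in Direct TCP framing (a 4-byte length prefix), and the names `excess_after_tree_connect` and `sample_frame` are hypothetical.

```python
import struct

SMB2_MAGIC = b"\xfeSMB"       # plaintext SMB2/3 header; encrypted frames use \xfdSMB
HDR_LEN = 64                  # fixed SMB2 header size
TREE_CONNECT = 0x0003         # SMB2 command code
SERVER_TO_REDIR = 0x00000001  # header flag set on server responses
TC_RESP_LEN = 16              # size of the TREE_CONNECT Response structure

def excess_after_tree_connect(frame: bytes) -> int:
    """Bytes trailing a successful TREE_CONNECT response in one Direct TCP
    frame. 0 means well-formed, not a TREE_CONNECT response, or unparsable."""
    if len(frame) < 4 or frame[0] != 0:
        return 0
    payload = frame[4:4 + int.from_bytes(frame[1:4], "big")]
    worst, off = 0, 0
    while off + HDR_LEN <= len(payload) and payload[off:off + 4] == SMB2_MAGIC:
        # Header fields at offset 8: Status, Command, Credits, Flags, NextCommand
        status, command, _credits, flags, next_cmd = struct.unpack_from(
            "<IHHII", payload, off + 8)
        # In a compound, NextCommand bounds this message; otherwise it runs to the end
        end = off + next_cmd if next_cmd else len(payload)
        body = payload[off + HDR_LEN:end]
        if (command == TREE_CONNECT and flags & SERVER_TO_REDIR and status == 0
                and len(body) >= TC_RESP_LEN
                and struct.unpack_from("<H", body)[0] == TC_RESP_LEN):
            # Header + body is 80 bytes, already 8-byte aligned, so no padding is expected
            worst = max(worst, len(body) - TC_RESP_LEN)
        if not next_cmd:
            break
        off = end
    return worst

def sample_frame(extra: int) -> bytes:
    """Constructed test input: one successful response plus `extra` zero bytes."""
    hdr = SMB2_MAGIC + struct.pack("<HHIHHIIQIIQ", HDR_LEN, 0, 0, TREE_CONNECT,
                                   1, SERVER_TO_REDIR, 0, 1, 0, 1, 1) + bytes(16)
    body = struct.pack("<HBBIII", TC_RESP_LEN, 1, 0, 0, 0, 0x001F01FF)
    msg = hdr + body + bytes(extra)
    return b"\x00" + len(msg).to_bytes(3, "big") + msg

if __name__ == "__main__":
    for n in (0, 24):
        print(n, "->", excess_after_tree_connect(sample_frame(n)))
```

Any non-zero result on traffic returning from an external SMB server is worth alerting on; encrypted SMB3 sessions cannot be inspected this way.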