Story image

Trend Micro's lowdown on the bug that puts Windows systems at risk of DoS attacks

07 Feb 17

Trend Micro has elaborated on US-CERT reporting that there is memory corruption bug that, when used by unauthorised parties, could cause a Denial of Service (DoS) on various Windows operating systems – and there’s no solution available yet.

The bug DoS can then crash the operating systems, rendering the DoS attack. The zero-day bug was found in Server Message Block (SMB) traffic that affects Windows 10, Windows 8.1, Server 2016 and Server 2012, Trend Micro says.

The SMB protocol is a network file sharing mechanism used to provide shared access to files, printers, serial ports and other network connections.

A Twitter user posted a Proof of Concept code to show how the bug could lead to a DoS attack and how the bug also leaves an operating system open to remote arbitrary code execution.

“Upon discovery, the bug was initially graded with a severity level of 10 out of 10, which means that the vulnerability could easily be exploited even by untrained perpetrators. Not long after, this rating was lowered to a 7.8,” Trend Micro states.

Although attackers would have to use social engineering to prompt users to connect to a malicious SMB server. This is easily done, as victims only need to click on a malicious link and then connect to a remote SMB server. This would result in a crash, and the blue screen of Death Trend Micro continues.

While US-CERT says there’s no current solution for the vulnerability, sysadmins should block outbound SMB connections from local networks to WAN. Microsoft has said it will be issuing a patch for this vulnerability in the Patch Tuesday updates, scheduled for February 14.

Trend Micro Deep Security shields networks through the Deep Packet Inspection (DPI) rule: 1008138-Microsoft Windows Stack Overflow Remote Code Execution Vulnerability.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Malware downloader on the rise in Check Point’s latest Threat Index
Organisations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.