Windows 7 NetBIOS Kernel Crash, 1997 all over again :(
November 12th, 2009
No comments
Looks like Windows 7 is vulnerable to an SMB remote exploit.
Unfortunatly this SMB2 security issue is specificaly due to a MS patch, for another SMB2.0 security issue:
KB942624 (MS07-063)
Installing only this specific update on Vista SP0 create the following issue:SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionnality.
The NEGOTIATE PROTOCOL REQUEST is the first SMB query a client send to a SMB server, and it’s used to identify the SMB dialect that will be used for futher communication.
Reminds me of the days of WinNuke.
