The concept exploit uses the flaw to force Windows machine into the infamous Blue Screen of Death (BSOD). According to security researchers at the Internet Storm Center (ISC), the problem is defeated by using basic firewall protection. "The exploit needs no authentication, only file sharing enabled with one packet to create a BSOD," ISC researchers warn. "We recommend filtering access to port TCP 445 with a firewall."
Microsoft issued a number of security updates during the day to address some serious vulnerabilities in the Windows operating systems. The SRV2.SYS (SMB) file vulnerability that can cause a BSOD was not included, likely due to the timing of the exploit code's release, but Microsoft did reveal that it is investigating the issue.
Written by: James Delahunty @ 8 Sep 2009 23:20