We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,131 News Articles

Microsoft takes 7 years to fix 'critical' Windows bug

Patch issued yesterday for SMB flaw

An SMB bug finally fixed by Microsoft this week was publicly disclosed more than seven years ago.

It was seven-and-a-half years, in fact, between the flaw being disclosed and Microsoft yesterday patching a security issue in its SMB (Server Message Block) service. This software is used by Windows to share files and print documents over a network.

In a Microsoft blog posting, the company acknowledged that "Public tools, including a Metasploit module, are available to perform this attack". Metasploit is an open-source toolkit used by hackers and security professionals to build attack code.

According to Metasploit, the flaw goes back to March 2001, when a hacker named Josh Buchbinder (aka Sir Dystic) published code showing how the attack worked.

Symantec Research Manager Ben Greenbaum said the flaw may have first been disclosed at Defcon 2000, by Veracode Chief Scientist Christien Rioux (aka Dildog).

Whomever discovered the flaw, Microsoft seems to have taken an unusually long time to fix the bug.

"This is definitely out of the ordinary," Greenbaum said. He said he did not know why Microsoft had waited so long to fix the issue.

"I've been holding my breath since 2001 for this patch," said Shavlik Technologies Chief Technology Officer Eric Schultze, in an emailed statement. Buchbinder's attack, called a SMB relay attack, "showed how easy it was to take control of a remote machine without knowing the password", he said.

For the attack to work, a victim could be sent a malicious email message that, when opened, would try to connect to a server run by the attacker. That machine would then steal network authentication credentials from the victim, which could then be used to gain access to the victim's machine.

This type of attack would be blocked by a firewall, so a hacker would have to already be on a computer within the network in order to launch the SMB relay. Microsoft rates the flaw as "important" for Windows XP, 2000 and Server 2003 users, and as "moderate" for Vista and Server 2008.

Nevertheless Schultze said he considered the patch "critical" for machines on a corporate network.

He said the attack is "pretty easy" to pull off today. "It's a great vector of attack on a corporate network where file and print sharing ports and services may be unprotected," he said.

Microsoft representatives were unable to comment for this story Tuesday afternoon.

Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security product reviews

Visit PC Advisor's dedicated Microsoft News Spotlight for the latest news on the software giant

Visit Business Advisor for the latest business IT news, reviews, tips and tricks - plus sign up for our unique and FREE business IT newsletter


IDG UK Sites

OnePlus Two release date rumours: Something's happening on 22 July

IDG UK Sites

13in MacBook Air review, Apple's MacBook Air 2014 reviewed

IDG UK Sites

5 reasons to buy an electric car and 5 reasons not to

IDG UK Sites

Evernote Skitch: the best way for creatives to doodle feedback