We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Microsoft takes 7 years to fix 'critical' Windows bug

Patch issued yesterday for SMB flaw

An SMB bug finally fixed by Microsoft this week was publicly disclosed more than seven years ago.

It was seven-and-a-half years, in fact, between the flaw being disclosed and Microsoft yesterday patching a security issue in its SMB (Server Message Block) service. This software is used by Windows to share files and print documents over a network.

In a Microsoft blog posting, the company acknowledged that "Public tools, including a Metasploit module, are available to perform this attack". Metasploit is an open-source toolkit used by hackers and security professionals to build attack code.

According to Metasploit, the flaw goes back to March 2001, when a hacker named Josh Buchbinder (aka Sir Dystic) published code showing how the attack worked.

Symantec Research Manager Ben Greenbaum said the flaw may have first been disclosed at Defcon 2000, by Veracode Chief Scientist Christien Rioux (aka Dildog).

Whomever discovered the flaw, Microsoft seems to have taken an unusually long time to fix the bug.

"This is definitely out of the ordinary," Greenbaum said. He said he did not know why Microsoft had waited so long to fix the issue.

"I've been holding my breath since 2001 for this patch," said Shavlik Technologies Chief Technology Officer Eric Schultze, in an emailed statement. Buchbinder's attack, called a SMB relay attack, "showed how easy it was to take control of a remote machine without knowing the password", he said.

For the attack to work, a victim could be sent a malicious email message that, when opened, would try to connect to a server run by the attacker. That machine would then steal network authentication credentials from the victim, which could then be used to gain access to the victim's machine.

This type of attack would be blocked by a firewall, so a hacker would have to already be on a computer within the network in order to launch the SMB relay. Microsoft rates the flaw as "important" for Windows XP, 2000 and Server 2003 users, and as "moderate" for Vista and Server 2008.

Nevertheless Schultze said he considered the patch "critical" for machines on a corporate network.

He said the attack is "pretty easy" to pull off today. "It's a great vector of attack on a corporate network where file and print sharing ports and services may be unprotected," he said.

Microsoft representatives were unable to comment for this story Tuesday afternoon.

Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security product reviews

Visit PC Advisor's dedicated Microsoft News Spotlight for the latest news on the software giant

Visit Business Advisor for the latest business IT news, reviews, tips and tricks - plus sign up for our unique and FREE business IT newsletter


IDG UK Sites

5 reasons not to wait for the Apple Watch: Why you shouldn't buy the iWatch

IDG UK Sites

Why local multiplayer gaming is rapidly vanishing: we look at the demise of split-screen and LAN...

IDG UK Sites

How Emotional Debt is damaging digital design

IDG UK Sites

iPhone buying advice: Should I buy an iPhone 6, iPhone 6 Plus, iPhone 5s, or iPhone 5c, or wait for7......