Microsoft working on a fix for a zero-day vulnerability in Windows 7
Though Microsoft's 'Patch Tuesday' updates did not figures any fixes for the newly-launched Windows 7 operating system, Microsoft said on Friday that, with a zero-day vulnerability detected in the OS, it is working towards fixing a vulnerability in the Server Message Block file-sharing protocol in Windows 7 and Windows Server 2008 Release 2 that can remotely crash the computer.
The zero-day vulnerability in Windows 7 was discovered by researcher Laurent Gaffié, who published proof-of-concept code on a blog. Gaffié specified that the bug could be used to remotely crash Windows 7 or Windows Server 2008 R2 on a local area network or via the Internet Explorer.
Gaffié also said that the presence of the bug clearly refuted the Microsoft claim that its software development process, security development lifecycle (SDL), was aimed at increasing reliability.
Scoffing at the supposed belief that Windows 7 OS was the 'most secure operating system ever,' Gaffié remarked: "Whatever your firewall is set to, you can get remotely smashed via IE or even via some broadcasting NBNS (NetBIOS Name Server) tricks."
Meanwhile, in an advisory, Microsoft, disparaging the manner of the bug's disclosure by Gaffié, asserted that it was aware of that the exploit code can cause a system to stop functioning; and added that it will "continue to encourage responsible disclosure of vulnerabilities."
Revealing a previously unknown survival technique...Read More
Google Inc.’s self-driving car unit Waymo is...Read More
U.S. network provider AT&T is reportedly...Read More
In a landmark ruling, an Italian court has...Read More
Duluth’s nonpartisan “March for Science” will be...Read More
A new study has revealed that more Americans than...Read More