Vulnerable, Again!

“Microsoft Windows fails to properly handle traffic from a malicious server. In particular, Windows fails to properly handle a specially-crafted server response that contains too many bytes following the structure defined in the SMB2 TREE_CONNECT Response structure. By connecting to a malicious SMB server, a vulnerable Windows client system may crash (BSOD) in mrxsmb20.sys. We have confirmed the crash with fully-patched Windows 10 and Windows 8.1 client systems, as well as the server equivalents of these platforms, Windows Server 2016 and Windows Server 2012 R2.”
See Vulnerability Note VU#867968 – Microsoft Windows SMB Tree Connect Response denial of service vulnerability
I’ve hated M$’s file-sharing since I first looked at the details. Taking a complex protocol and making it ever more complex is a recipe for disaster. Either you have difficulty getting it to work with other systems or you have huge vulnerabilities. I’ve experienced both. Now we’re on SMBv3 and yet again there are problems.

People are recommending blocking the protocol’s ports until M$ gets its act together but that will never happen as long as M$ makes the world’s most complex OS. I’ve done one better. I don’t use SMB at all. I know I have a few applications with client software for it but I don’t have a single share on the LAN, not one. I use Debian GNU/Linux.
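As an added example, not code from this post or from the CERT note: a passive check for the condition quoted above from VU#867968, assuming a monitoring tool has already captured one SMB2 message together with its 4-byte Direct TCP length prefix. The function and helper names are hypothetical, the sample frame is constructed, and only the first message in a frame is inspected.

```python
import struct

SMB2_MAGIC = b"\xfeSMB"
SMB2_HEADER_LEN = 64                  # fixed SMB2 header size
SMB2_TREE_CONNECT = 0x0003            # Command code
SMB2_FLAGS_SERVER_TO_REDIR = 0x1      # set on server responses
TREE_CONNECT_RSP_LEN = 16             # fixed TREE_CONNECT Response body size


def excess_tree_connect_bytes(frame: bytes) -> int:
    """Bytes trailing a successful TREE_CONNECT response; 0 if not applicable."""
    if len(frame) < 4:
        return 0
    # Direct TCP transport: a zero byte, then a 3-byte big-endian length.
    declared = int.from_bytes(frame[1:4], "big")
    msg = frame[4:4 + declared]
    if len(msg) < SMB2_HEADER_LEN + TREE_CONNECT_RSP_LEN or msg[:4] != SMB2_MAGIC:
        return 0  # too short, SMB1, or an encrypted transform header
    hdr_size, _, status, command, _, flags, next_cmd = struct.unpack_from(
        "<HHIHHII", msg, 4)
    if hdr_size != SMB2_HEADER_LEN or command != SMB2_TREE_CONNECT:
        return 0
    if not flags & SMB2_FLAGS_SERVER_TO_REDIR or status != 0:
        return 0  # requests and error responses use a different body
    (body_size,) = struct.unpack_from("<H", msg, SMB2_HEADER_LEN)
    if body_size != TREE_CONNECT_RSP_LEN:
        return 0
    # In a compound chain NextCommand marks where this message ends.
    end = next_cmd if next_cmd else len(msg)
    return max(0, end - (SMB2_HEADER_LEN + TREE_CONNECT_RSP_LEN))


def build_frame(extra: bytes = b"", flags: int = SMB2_FLAGS_SERVER_TO_REDIR) -> bytes:
    """Constructed sample: a TREE_CONNECT response followed by `extra`."""
    header = SMB2_MAGIC + struct.pack("<HHIHHII", 64, 0, 0, SMB2_TREE_CONNECT, 1, flags, 0)
    header += bytes(8 + 4 + 4 + 8 + 16)   # MessageId, Reserved, TreeId, SessionId, Signature
    body = struct.pack("<HBBIII", 16, 0x01, 0, 0, 0, 0x001F01FF)
    msg = header + body + extra
    return b"\x00" + len(msg).to_bytes(3, "big") + msg


if __name__ == "__main__":
    for n in (0, 32):
        print(n, "->", excess_tree_connect_bytes(build_frame(b"A" * n)))
```

A non-zero return value is the signal to alert on; a well-formed response yields 0.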

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.

4 Responses to Vulnerable, Again!

  1. oiaohm says:

    Deaf Spy, in the first year of Samba, over 300 faults like the current one were located in the Microsoft SMB stack.

    So you cannot really compare this to a Heartbleed-like event that has only been happening for 20+ years. Microsoft is meant to audit their code base as well. One has to wonder if Microsoft has been cutting corners on the audits they have told governments they have done.

  2. Deaf Spy says:

    I’ve done one better. I don’t use SMB at all.

    YouDon’tNeedThat(tm). Same as backward compatibility. And keep pretending Heartbleed never happened. That makes you especially “knowledgeable”, you know.

  3. dougman wrote, “no one EVER, would hire you for a consultancy job”.

    On the contrary, I was many times hired because besides the teaching expertise I could make IT work for schools. For Easterville there was an explicit contract for doing that besides teaching. The project was successful by any standard, on time, under budget, working well.

  4. dougman says:

    Pogsey, no one cares what you use. With that said, your track record is rather lacking in many aspects, of which I won’t go into detail here, but it’s a sure winner that no one EVER would hire you for a consultancy job.

    I still get questions now and then from people I dealt with in the past.
