Microsoft stated that blocking traffic is a workaround

Aug 1, 2006 14:27 GMT

The Redmond Company has confirmed a new vulnerability affecting a wide range of its products via the Microsoft Security Response Center Blog. Adrian Stone from the MSRC has announced that Microsoft's Software Security Incident Response Process has begun an investigation into the matter.

"The vulnerability was not addressed in this month's MS06-035 security update," said Stone. "While this appears to have been found after the release of MS06-035, this does not affect the same code path or functionality or vulnerability that was addressed by the update. Unlike some of the current speculation that we have observed, the current PoC is limited to a denial of service that would cause the target host to blue screen. At this time we have not identified any possibilities with this issue that could allow remote code execution. We have not observed or received any reports of the PoC being used to actively attack systems," stated Stone.

The vulnerability resides in the following products: Windows 2000 SP4, Windows Server 2003, Windows Server 2003 Itanium, Windows Server 2003 SP1, Windows Server 2003 SP1 Itanium, Windows Server 2003 x64 Edition, Windows XP Pro x64 Edition, Windows XP SP1, Windows XP SP2. If exploited, the flaw could allow for Denial of Service attacks from a local network, and is likely to receive a moderate threat ranking from Microsoft. Since the vulnerability is apparently related to the Server Message Block protocol running on TCP ports 139 and 445, Microsoft stated that blocking both inbound and outbound traffic is a workaround until a final solution is available.