Home » Privacy & Security

Unpatched Windows SMBv2 bug is dangerous

By George Ou 10 September 2009 No Comment

The Windows SMBv2 zero-day vulnerability (disclosed vulnerability with no software fix) appears to be more dangerous than initially thought.  The vulnerability does not affect the Release to Manufacturing (RTM) version of Windows 7 or Windows Server 2008 R2, but it does affects Windows Vista and Windows Server 2008.  The danger is no longer just a system crash or reboot, it can lead to a full system compromise.

In the absence of a patch, Microsoft released some instructions for disabling SMBv2.  For your convenience, I’ve packaged two REG files that you can download that enable and disable SMBv2 in Windows Vista and Windows Server 2008.  So until a software patch is available, you need to disable SMBv2 double clicking the disable-SMBv2.reg file and then rebooting.  The workaround does not break your ability to serve files, but it does reduce your SMB file serving speeds down to Windows XP and Windows Server 2003 levels which would result in a moderate decrease in performance.  When the patch becomes available and you have applied the patch, just run the enable-SMBv2.reg file and reboot.

Leave your response!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.