Microsoft, always looking out for your best interests:From zdnet.com:
Microsoft has issued a security advisory to acknowledge a crippling denial-of-service flaw affecting its newest operating systems — Windows 7 and Windows Server 2008 R2.
Exploit code for the vulnerability was released by researcher Laurent Gaffié after failed attempts to get Microsoft’s security response center to acknowledge that this was an issue that needs to be patched.
Following the publication of Gaffié’s exploit, Microsoft swiftly released Security Advisory 977544 with pre-patch mitigations and a confirmation that the “detailed” code could provide a roadmap for hackers to cause Windows 7 and Windows Server 2008 R2 systems to stop responding until manually restarted.
And you know the customer base is totally able to do this:
In the absence of a patch, Microsoft recommends that affected users block TCP ports 139 and 445 at the firewall. Windows users should also block all SMB communications to and from the Internet to help prevent attacks.
NEW SLOGAN: "Windows 7 with security vulnerabilities was my idea."
posted by Quiddity at 11/19/2009 06:32:00 AM
Um, anyone who runs a Windows machine and doesn't block ports 137, 138 and 139 is an idiot. These ports have been known problems since the 90s. Since firewalls block these ports by default, it's not that big a deal.
My point was more that the typical user has no idea what the MS recommendation means or how to check that all is well.
Well that goes for most security advisories from most vendors.
No one hates MS more than I do, but this one isn't a fair hit. Much better criticisms are that their user interfaces make things easy for beginners and harder for people who know what they're doing, and this tendency becomes worse in each new version of their OS. Or that an administrator is no longer really an administrator. Or that they intentionally degrade how their new products work with their older products. There's a million reasons to hate MS, this just isn't one of them.
