SMB2 Security

While looking to install smbclient on my laptop this morning to talk to some devices on my home network, I was pointed at a security advisory regarding SMB2. It’s about a known defect the SMB2 implementation on Windows 7 — kind of interesting to have pre-release security defects publicised already. The FSFE’s statement is here, and you can find English-language Heise coverage here.

The intermediate work-around — isolate Windows machines from the Internet with a good firewall — is good practice anyway. Do not let SMB traffic escape from your local network.

4 thoughts on “SMB2 Security

  1. Note that the issue isn’t present in the final release of windows 7, only in the RCs.

    • The BSI doesn’t seem to think it’s been fixed in the final — although the recent 9-50 (I may have the number wrong) patch fixed *other* bugs in SMB2.

  2. Yeah, I’ve had a good look at this one. Its only a denial-of-service at this point, though that may change.

    Also, the exploit is not very reliable. Only some machines are affected, even though they use the same protocol. For example, I crashed two Vista machines and one Windows 7 machine using this exploit, but there were other similar machines using SMB2 (Vista and Win7) that did not crash.

    Also note, you have to be sharing files for this DOS to be possible.

  3. Pingback: Tweets that mention SMB2 Security « Bobulate --