Windows 7 when it ships next month will be vulnerable to an attack that hasn't been possible since 1999, a new vulnerability found by a security researcher shows. Sending a deliberately malformed network negotiation request can force a Windows 7 system into a page fault that triggers a "blue screen of death" error, even without the user's help in launching the code. The attack affects both 32-bit and 64-bit versions of the OS.
The flaw stems from the rewritten network stack inherited from Vista, which itself has also been discovered as vulnerable to the attack. Although Microsoft had patched the exploits out of Windows 2000 and XP, the complete overhaul is now thought to reintroduce a problem that hasn't existed since earlier Windows releases.
Microsoft has been told of the exploit but hasn't yet released a patch; users of the newer operating systems are being asked to switch off the Server Message Block (SMB) feature or block its access entirely until a fix is available.
The attack comes at a particularly inopportune time for Microsoft, as it has been trying to market Windows 7 as its most secure release and is in the rare circumstance of having to compete against another major operating system release, Mac OS X Snow Leopard. Apple's software isn't necessarily more secure but typically hasn't been vulnerable to remote attacks that disable the system and has gotten more secure with the latest release, whose 64-bit memory space prevents certain kinds of memory attacks from working properly.
Source: electronista
