Windows SMB2 'SRV2.SYS' Remote Denial of Service Exploit (and screen shots on Windows 2008 SP2)

There’s a simple exploit code on SMB2 protocol (implemented in the newer OSes of Microsoft) that can easily remote BSDO a Windows server or client. SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality. The NEGOTIATE PROTOCOL REQUEST is the first … “Windows SMB2 'SRV2.SYS' Remote Denial of Service Exploit (and screen shots on Windows 2008 SP2)”

Read More

Possible new breed of mass spreading worms ? New vulnerabilities found in MS products.

Microsoft Office OWC10.Spreadsheet ActiveX BorderAround() Heap Corruption Vulnerability The specific vulnerability exists in the OWC10.Spreadsheet.10 ActiveX control installed by Microsoft Office. By accessing specific methods in a certain order heap corruption occurs leading to remote code execution. If exploited, complete control of the affected system … “Possible new breed of mass spreading worms ? New vulnerabilities found in MS products.”

Read More