Source |
Network World |
Identifiant |
306351 |
Date de publication |
2017-02-03 10:48:05 (vue: 2017-02-03 10:48:05) |
Titre |
Microsoft will likely fix Windows SMB denial-of-service flaw on Patch Tuesday |
Texte |
Microsoft will likely wait until February 14 to fix a publicly disclosed vulnerability in the SMB network file sharing protocol that can be exploited to crash Windows computers.
The vulnerability was disclosed Thursday when the security researcher who found it posted a proof-of-concept exploit for it on GitHub. There was concern initially that the flaw might also allow for arbitrary code execution and not just denial-of-service, which would have made it critical.
The CERT Coordination Center (CERT/CC) at Carnegie Mellon University at first mentioned arbitrary code execution as a possibility in an advisory released Thursday. However, the organization has since removed that wording from the document and downgraded the flaw's severity score from 10 (critical) to 7.8 (high).To read this article in full or to leave a comment, please click here |
Envoyé |
Oui |
Condensat |
advisory allow also arbitrary article can carnegie center cert cert/cc click code comment computers concept concern coordination crash critical denial disclosed document downgraded execution exploit exploited february file first fix flaw found from full github has have here high however initially just leave likely made mellon mentioned microsoft might network not organization patch please possibility posted proof protocol publicly read released removed researcher score security service severity sharing since smb thursday tuesday university until vulnerability wait when which who will windows wording would |
Tags |
|
Stories |
|
Notes |
|
Move |
|