Security Researcher Reveals New Windows Zero-Day Flaw

by Brandon Dimmel on 20110216 @ 10:27PM EST | google it | send to friends
Filed under Business | Microsoft | (related terms: bug, system, file, windows server, security flaw)

A new zero-day security flaw has been found in Windows that could allow a hacker remote access to a PC. A security researcher recently disclosed the bug, which Microsoft is currently investigating.

The programming code for the security flaw has been posted publically and is related to a Windows system file called "mrxsmb.sys". The file is related to Windows Server Message Block (SMB) protocol, used for network communications.

Bug Rated Critical by Security Experts

In short, the affected file is associated with file and printer sharing features within the Windows operating system (OS).

Because this is such a sensitive part of the operating system, experts, including French security firm Vupen, have already dubbed the bug "critical," typically the highest alert level for a flaw of this kind. Vupen says a hacker with knowledge of the exploit could "cause a denial of service or take complete control of a vulnerable system." (Source: computerworld.com)

Secunia, a Danish security firm, agreed that the bug could be used to hijack a PC. "Successful exploitation may allow execution of arbitrary code," Secunia representatives recently stated.

Unclear Which Versions of Windows are Vulnerable

It's not yet been confirmed exactly which versions of Windows are affected. Thus far it seems Windows XP and Windows Server 2003 SP2 are most definitely vulnerable, though Secunia suspects Windows Vista and Windows 7 could also be open to attack.

There's still a lot of time until Microsoft's next scheduled Patch Tuesday (March 8), meaning the company will have to determine if the bug warrants and out-of-schedule emergency fix.

Stay Informed: Subscribe Free to Infopackets, Today! Get your daily fix of Microsoft Windows news, reviews, tech tips, plus free software (freeware) goodies daily -- all absolutely free -- delivered straight to your email inbox! Bonus: join our website today and you'll also receive our highly coveted Top 10 Tech Reports, including: Top 10 PC Security Essentials, Windows Optimization Secrets, Top Freeware Antivirus, MS Office alternatives and more. Don't delay: subscribe today! Click here for more info.

Infopackets Game of the Week

Secrets of the Dark: Eclipse Mountain Collector's Edition

Click here to read more.

Most Clicked Stories
(In the Past 15 Days)

Freebies

Subscription Center

Recommended Sites

DownloadMix.com: More Freeware + Shareware

About

Established in 2001 and read by over 250,000 users world-wide, infopackets features the latest in headline news based on MS Windows, Internet, and technology trends. Subscription to our website is free! Join our discussion list, today!