Описание
Windows SMB Denial of Service Vulnerability
A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server. An attacker who exploited this vulnerability could cause the affected system to stop responding until it is manually restarted. To attempt to exploit this issue, an attacker would need to send specially crafted SMB requests to the target system.
Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests.
The security update addresses the vulnerability by correcting the manner in which SMB handles specially crafted client requests.
Обходное решение
Disable SMBv1
For customers running Windows Vista and later See Microsoft Knowledge Base Article 2696547.
Alternative method for customers running Windows 8.1 or Windows Server 2012 R2 and later For client operating systems:
- Open Control Panel, click Programs, and then click Turn Windows features on or off.
- In the Windows Features window, clear the SMB1.0/CIFS File Sharing Support checkbox, and then click OK to close the window.
- Restart the system.
For server operating systems:
- Open Server Manager and then click the Manage menu and select Remove Roles and Features.
- In the Features window, clear the SMB1.0/CIFS File Sharing Support check box, and then click OK to close the window.
- Restart the system.
Impact of workaround. The SMBv1 protocol will be disabled on the target system.
How to undo the workaround. Retrace the workaround steps, and select the SMB1.0/CIFS File Sharing Support check box to restore the SMB1.0/CIFS File Sharing Support feature to an active state.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Server 2008 for Itanium-Based Systems Service Pack 2 | ||
| Windows Server 2008 for 32-bit Systems Service Pack 2 | ||
| Windows Server 2008 for x64-based Systems Service Pack 2 | ||
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | ||
| Windows 7 for 32-bit Systems Service Pack 1 | ||
| Windows 7 for x64-based Systems Service Pack 1 | ||
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | ||
| Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | ||
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | ||
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
7 High
CVSS3
Связанные уязвимости
The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0273 and CVE-2017-0280.
The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0273 and CVE-2017-0280.
EPSS
7 High
CVSS3