Zero-day Windows file-sharing flaw can crash systems, maybe worse

The implementation of the SMB network file sharing protocol in Windows has a serious vulnerability that could allow hackers to, at the very least, remotely crash systems.

The unpatched vulnerability was publicly disclosed Thursday by an independent security researcher named Laurent Gaffié, who claims that Microsoft has delayed releasing a patch for the flaw for the past three months.

Gaffié, who is known on Twitter as PythonResponder, published a proof-of-concept exploit for the vulnerability on GitHub, triggering an advisory from the CERT Coordination Center (CERT/CC) at Carnegie Mellon University.

To read this article in full or to leave a comment, please click here