Help
SMB v2 bug not a popular target, says security experts
It has been a week since hackers released software that could be used to attack a flaw in Windows Vista and Server 2008, but Microsoft and security companies say that criminals haven't done much with the attack.
Microsoft said it hadn't seen any attacks that used the vulnerability, an analysis that was echoed by security companies such as SecureWorks, Symantec and Verisign's iDefense unit.
While criminals jumped on a similar flaw a year ago, using it in widespread attacks that ultimately forced Microsoft to rush out a security patch ahead of its monthly set of security updates, that hasn't happened with this latest bug, which lies in the SMB v2 software used by Vista and Server 2008 to do file-and-printer sharing.
SecureWorks researcher Bow Sineath said Tuesday that there are several reasons why this latest attack has not been picked up. Perhaps the main reason is that the Metasploit code doesn't work as reliably as last year's MS08-067 attack, and often causes the computer to simply crash instead of running the hacker's software.
Complete article in http://www.computerw...fm?newsid=16961
http://msmvps.com/ag...?PostID=1730562View the full article
