Microsoft is under increasing pressure to release a security patch for a vulnerability in its file sharing (SMB2)...
protocol as more exploit code becomes available.
Earlier this month security researcher Laurent Gaffie published a proof of concept code showing how an attacker could crash machines with the Server Message Block 2.0 (SMB) protocol enabled.
The problem has become potentially a lot more serious with the release of more exploit code by security researcher Stephen Fewer that could enable attackers to take over control of targetted computers.
According to the open-source Metasploit Project, Fewer's code has been added to the its penetration testing tool known as the Metasploit Framework.
The exploit works against Windows Vista Service Pack 1 and 2 and Windows 2008 SP1 server and possibly also Windows 2008 SP2, according to Metasploit developer HD Moore.
According to Metasploit, the best workaround for this still-unpatched flaw is to disable the SMB2 protocol.
Microsoft last week issued a quick temporary fix for the SMB2 flaw and set the company was still working on a security patch.
Microsoft has not yet indicated whether the patch will be included in the October Patch Tuesday monthly security update.