July 26, 2017 by Michael Mimoso
LAS VEGAS—A 20-year-old Windows SMB vulnerability is expected to be disclosed Saturday during a talk at DEF CON.
Microsoft has said it will not patch the vulnerability, which allows an attacker to remotely crash a Windows server with relative ease using only 20 lines of Python code and a Raspberry Pi.
The vulnerability affects every version of the SMB protocol and every Windows version dating back to Windows 2000. It was likely introduced into the operating system much earlier, said Sean Dillon, senior security researcher at RiskSense. Dillon, who conducted his research with colleague Zach Harding, called the attack SMBloris because it is comparable to Slowloris, a 2009 attack developed by Robert Hansen. Both attacks can use a single machine to crash or freeze a much more powerful server, but Slowloris, unlike SMBloris, targets webservers.
Powered by WPeMatico