Posts Tagged ‘vulnerability’

Metasploit architect HD Moore has let it slip that he has discovered a major vulnerability affecting a wide range of Windows applications. This vulnerability, not unlike one patched in the Windows version of iTunes a few months ago affects around 40 applications including Windows Explorer, which is a major component of Windows.

He says he discovered this exploit while researching the Windows Shortcut bug that was recently the subject of an out of band patch by Microsoft.

Moore suggested a workaround, stating, “Users can block outbound SMB [by blocking TCP ports] 139 and 445, and disable the WebDAV client [in Windows] to prevent these flaws from being exploited from outside of their local network.”

[via ComputerWorld]