The United States Computer Emergency Readiness Team has found a denial of service exploit with both Windows 8.1 and Windows 10. There is an exploit in the Server Message Block. This vulnerability could allow a remote attacker to perform a denial of service attack on your computer.
Currently, Microsoft has not released a patch for this vulnerability. You are advised to block Server Message Block outbound Transmission Control Protocol port numbers 139 and 445 as well as User Datagram Protocol port numbers 137 and 138. You would need to block these ports from accessing your local area network from a wide area network.
This is actually a memory bug that causes this problem. A blue screen of death could be caused by mrxsmb20.sys. Microsoft Windows Server two thousand twelve release two and Windows server two thousand sixteen are also potentially afflicted. This exploit can be triggered numerous ways by connecting to a Serer Messaging Block share.
A malicious Server Messaging Block must be used. This is why you might want to block access to TCP ports 139/445 as well as UDP ports 137/138. Basically, Server Messaging Block is a way to share files between computers.
This is quite popular with SAMBA that runs on Linux. Laurent Gaffie, an independent researcher claims he notified Microsoft Corporation of this exploit in September of two thousand sixteen. Yet Microsoft has yet to release a patch at time of this blog post creation.
About Author Aaron J. Berg
Aaron J. Berg is the owner of Anet Computers, host of the Reality PC podcast, and blogger at AnetComputers.com. For over thirteen years, he worked for fortune 500 companies and the United States Federal government supporting computers. Now he helps you solve your most common computer problems.