Windows 7 users would be well-advised to block outgoing ports 139 and 445. Microsoft has confirmed the existence of a vulnerability that affects SMB in Windows 7 and Windows Server 2008 RC2. Worst case scenario: you connect to a malicious server then it crashes your PC.
The beauty here is that, in a perfect world, these ports would be blocked by default, making the exploit much less troubling. Let’s say you’re messing around on your computer, and all of a sudden Windows (or your firewall of choice) prompts you to open port 445 for a connection. So you say to yourself, “Hmm, I’m pretty sure my game of chess doesn’t need to access an SMB share to work properly, so I’m going to go ahead and deny that port-open request.”
But that’s now how the real world works.
It comes down to this: block those two ports when you’re not actively using them. No problems.
I could make some sort of snide remark about this being the first of many (maybe!) Windows 7 exploits, but let’s face it: when you’re dealing with so many lines of code, you’re bound to find a few bugs in there.
Oh, and Microsoft hasn’t said when it plans to patch the exploit. Presumably it will do so with its next big first Tuesday of the month patch day.
via Slashdot
TCP, UDP or both ports need to be blocked?
Let’s say you’re messing around on your computer, and all of a sudden Windows (or your firewall of choice) prompts you to open port 445 for a connection. So you say to yourself, “Hmm, I’m pretty sure my game of chess doesn’t need to access an SMB share to work properly, so I’m going to go ahead and deny that port-open request.”
How about “port 445? what the hell is a port?” because that will be the response of the average user.
Not to mention I am pretty expirenced with computerds yet sure as hell have no idea that port 445 was a SMB share port seriously, you expect the average user to even know what a port is, much less have them MEMORIZED?
And on a Mac, it will simply happen w/o a user prompt and get nuked.
lmao more like Mac’s are completely unaffected by these types of attacks.
Yeah, nobody wants to beat up on the crippled kid.
“when you’re dealing with so many lines of code, you’re bound to find a few bugs in there.”
More like “when you’re dealing with so many lines of Windows code, you’re going to find a few hundred thousand bugs in there and plenty of areas for virus, malware etc. etc. attacks.” That’s why M$ has started work on their own anti-virus software. The underlying code is crap, but if they try piling crap on top of crap and calling it safe, it’ll make a few more sales.
Fact of the matter is, a pig in makeup is still a pig.
“Fact of the matter is, a pig in makeup is still a pig.”
That’s a rather mean thing to call Macintosh computers. I mean sure, they are crap on the inside, but they look shiney on the outside.
Make sure to keep spelling MS with that “$”, dude. It’ll make your point seem soooo much more credible.
Ah, this may be the snowflake that would start things going.
Exploits on 7 are bound to happen anyways.
I’m a Mac user and I’ve got my fingers crossed for the Windows community! Good luck w/ a new operating system. I’d love for Windows 7 to be a huge success. Mac users shouldn’t be the only ones to enjoy technology as much as we do!
Peace to all users! ;)
I think I would blame backwards compatibility for the majority of Window’s problems. If they could drop the entire backwards compatibility for applications that use pre-Vista APIs, then Windows would work a lot safer and faster, and would be a lot smaller. Sure some people may complain at first but give it a year and the market will adapt has the developers are forced to adapt if they want to survive.
Also, anyone who believes that Macs these impenetrable fortresses that will never have to worry about a hacker or malware should crawl under a rock and isolate themselves from society because Macs have just as many problems as other OSs but nobody cares because the hackers find it more profitable to attack the majority (because it works) than the sad minority that nobody likes.
But this exploit is a Windows 7 and Server 2008 exclusive… Why bring up the backwards compatibility as an issue?
BTW, you are no hacker, so how would you know what they do?
Talking profitable hacking? Go see how much servers on the Internet use Windows and compare it to the number using Linux… There would be far more profits in hacking Linux, alas, that doesn’t seem to be the case, does it?
I don’t have Windows 7, but have 7 Windows, and still use
Here’s a twist, in the Philippines, some people are making the “cracked” version of Windows 7 a big business. Merchants are monetizing on pirated WIndows 7
Millions of windows 7 CDs that cost less than 2USD are circulating the main city. People are buying this stuff thinking that its a good deal. Some people don’t know that its a death knell. They may literally burned cash and it’s a total ripoff.
http://bit.ly/Pirated-WIndows7-Philippines