[Razor VinT]

A vulnerability in Microsoft's implementation of the SMB2 protocol can be exploited via the net to crash or reboot Windows Vista and Windows 7 systems. The root of the problem is an error in how the srv2.sys driver handles client requests when the header of the "Process Id High" field contains an ampersand. The attack does not require authentication; port 445 of the target system merely has to be accessible, which in the default Windows local network configuration, it usually is. SMB2 is an extension of the conventional server message block protocol.

An exploit written in Python is already available. A test at heise Security, The H's German associates, confirmed that the exploit enabled a remote reboot of a Vista system. However, in the test, the exploit had no apparent effect on a computer running Windows 7. According to the report written by Laurent Gaffie, who discovered the vulnerability, Windows Server 2008 might also be affected, since all of the systems named used the same SMB2.0 driver. Windows 2000 and XP were not affected, however, since they do not support SMB2.

Source

Update:
Microsoft issued a formal security advisory late Tuesday on a reported zero-day flaw in Windows Vista and Windows Server 2008. However, the software maker also said that the flaw does not affect the final version of Windows 7.

Security advisory

If you are using Windows 7 RC, you're still at risk.

[Culprit]

wow that sucks.

[K.L.Devine]

Why everyone is talking about this vulnerability on the net? It's not so risky as automated bots are. A hacker is required for it's exploit.

[shivaram]

f**k off this is what i have been facing problems with this shit Vista. Donno now a days Vista gives hell problems to my laptop. Waiting for 7 to release then will kick this bastard vista.

this is what i faced here http://www.winmatrix...siveras-b-expl/

this port 445 and 139 will always be in listening mode and exploit to all sort of vulnerabilities. a good firewall will block all the access.