A new zero-day security flaw has been found in Windows that could allow a hacker remote access to a PC. Microsoft is currently investigating it.
The programming code for the security flaw has been posted publically and is related to a Windows system file called "mrxsmb.sys". The file is related to Windows Server Message Block (SMB) protocol, used for network communications. You have to wonder why the programming code was published publicly.
In short, the affected file is associated with “file and printer sharing features” within the Windows operating system (OS).
Because this is such a sensitive part of the operating system, Vupen has already dubbed the bug "Critical". Typically, this is the highest alert level for a flaw of this kind. Vupen says a hacker with knowledge of the exploit could "cause a denial of service or take complete control of a vulnerable system." (Source: computerworld.com)
Secunia, a Danish security firm, agreed that the bug could be used to hijack a PC. "Successful exploitation may allow execution of arbitrary code", Secunia representatives recently stated.
It is unclear which versions of Windows are vulnerable.
Thus far it seems Windows XP and Windows Server 2003 SP2 are most definitely vulnerable, though Secunia suspects Windows Vista and Windows 7 could also be open to attack.
There's still a lot of time until Microsoft's next scheduled Patch Tuesday (March 8), meaning the company will have to determine if the bug warrants and out-of-schedule emergency fix.
It’s also unclear if ESET2 is of any help here because the vulnerability is in a different part of the OS.