Friday March 19, 2010 9:54 AM AEST

Atomic MPC > News > Build > Networking > Windows 7, Vista vulnerable to BSOD attack

Windows 7, Vista vulnerable to BSOD attack

A faulty driver leaves the system wide open.

Operating systems are incredibly complicated bundles of code, so entangled around each other and manipulated to form some kind of working beast that it's a surprise they manage to work at all. With so many variables introduced by the many humans working on code under a strict deadline (and keeping in mind just how reliable humans are under pressure), there are frequent system-threatening errors.

The latest one, discovered by security researcher Laurent Gaffie, involves a driver called SRV2.SYS that is buried inside the networking stack of both operating systems. Its function is to allow printers and scanners be used remotely from other users on the network, but adding a simple ampersand (& for those who don't know) to the "Process Id High" field and sending it through the wide-open port 445, it causes the entire stack to crash and force a reboot.

While it's pretty amusing that a simple printer exception in the firewall can crash a system, it means that anyone who is wily enough to know what they're doing could crash your PC in the middle of pretty much anything. Gaffie recommends turning off the printing features until a patch is released, just in case. This bug affects both Windows 7 and Vista equally, while XP and earlier are not affected.

Head to the H Security to check out an explanation of how to use this naughty resetting bug.

Want to check out the first Australian review of Final Fantasy XIII? We got in this month's Atomic!

Plus HD projectors, Napoleon: Total War, Intel's new six-core processor, PC upgrading guide, and a whole lot more.

ON SALE NOW!

Ads by Google

7 Comments

Thoughts on this article? Add a comment below.

thesorehead Sep 9, 2009 11:44 AM	lulz. I guess something like that is bound to happen. I wouldn't have expected that having the stack crash (whatever that means) would force a reboot. Also, wouldn't it only be activated if you have a network-shared printer? shrug such is life.
SyKRyD Sep 9, 2009 12:43 PM	can someone post up instructions? i would like to play a joke on enemi... uh, i mean, "colleagues", in my company. lol
Hoonbernator Sep 9, 2009 1:17 PM	interesting that this affects Vista too... meaning it's been around for quite a while. I'm with you SyKRyD, I want a little application to do this :)
N3M3SiS Sep 9, 2009 4:16 PM	Woot, its WinNuke all over again! ;) Those interested in "testing" follow the link at the end of the article.
.:Cyb3rGlitch:. Sep 9, 2009 5:13 PM	waits for patch Tuesday
hazarama Sep 9, 2009 9:50 PM	That is an awesome bug. Great post.
Xen Sep 17, 2009 9:26 AM	it's strange to think that a couple of years ago security vulnerabilities like this would have been ignored for year (teardrop/ping of death..etc). Now its found and the window to use the exploit is reduced to a week at the most. Glad to see security is becoming more and more of a priority.

Editor's Choice

Area 53

Atomic Magazine

Issue: 111 | April, 2010

Atomic is a magazine aimed squarely at computer enthusiasts, gamers, and serious PC upgraders.

Every month we bring you the latest reviews of new technology and PC components, in depth features on everything from overclocking to console hacking, and gaming previews and interviews.

What's in this issue?