Comments on: SMB2 zero-day flaw could expose Vista PCs to Conficker-like worm attack

By: bacohido

bacohido — Thu, 10 Sep 2009 18:22:43 +0000

Michael:
Thanks for pointing out the incorrect reference to Windows 2003. I will make the fix.
Byron

Michael P. Kassner — Thu, 10 Sep 2009 17:33:09 +0000

Byron,

I thought that you might like to know that Windows Server 2003 is not affected by this vulnerability. It is certain versions of Windows Server 2008:

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2

David Oxley — Thu, 10 Sep 2009 03:10:24 +0000

Yet another argument for responsible disclosure: if you don’t know your own exploit well-enough to know just how dangerous it might be!

Curious to see where this goes in the coming weeks. For the love of God, let there not be another worm…