Microsoft published security advisory about vulnerability in operation system Windows 7 that is result of improperly implementation of SMB (Server Message Block) protocol.

Mention protocol provides shared access to files and miscellaneous communications between nodes on a network. The zero-day vulnerability was first reported by Canadian researcher Laurent Gaffie when he posted proof-of-concept attack code to Full Disclosure mailing list (a collection of addresses used by an organization to send material to multiple recipients). An attacker can use this flow to cripple Windows 7 and Windows Server 2008 R2 machines. After tricking users into visiting a malicious site or a previously-compromised domain, attacker could feed them specially-crafted URIs (Uniform Resource Identifier). If attacker sends malformed SMB packets, he can crash their PCs. The Microsoft suggested users to block TCP ports 139 and 445 at the firewall although it would disable a host of critical services (including network file-sharing). The original new coud be read at COMPUTERWORLD website or read in continued text.