SMB2 – 8 Days From 0-day To Exploit

Security Researchers at Immunity have released today an exploit for the SMB2 flaw in Vista/2008, as reported today by The Register’s Dan Goodin. The code is available under the Canvas Early Updates program and a paid subscription is needed to access it.

The Exploit works on all versions of Vista and Windows 2008 with the exception of 2008 R2. Microsoft has described in this advisory a workaround, amounting to turning off SMB2. The implementation of this workaround is now becoming critical as attackers will have access to the code soon, in the most optimistic case next week when HDMoore thinks that Metasploit will have the exploit implemented.