This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Product activation system flaw found in Windows 7 follows earlier server message block problem

Share this article:

The first flaws have been discovered in Microsoft's Windows 7.

An exploit was discovered last week by white hat researcher Laurent Gaffié after Windows 7 was omitted from any fixes on Patch Tuesday, when he detected a flaw in the server message block (SMB) which could be used by attackers to kill Windows 7 and WS2K8 R2 systems. A patch was pushed out at the end of last week for the vulnerability.

Commenting, Chris Merritt, director of solution marketing at Lumension, said: “Disturbingly, there seems to be no blue screen of death to indicate you've been hit – it just crashes the kernel and you see nothing. In it's analysis of the issue, Microsoft suggests in its Security Advisory 97544 that you block TCP ports 139 and 445 at the firewall.

“While this is the first zero-day vulnerability found in Redmond's latest and greatest, it will not be the last. That's why it's as important as ever to stay current with all patches (and not only those coming from MS) and think through your defence-in-depth strategy.”

Reports also surfaced over the weekend that Windows 7's product activation system has been cracked. Richard Kirk, Fortify's European director, said: “The RemoveWAT utility - also known as ChewWGA - exploits at least one of several probable security flaws on Windows 7 to allow a user to bypass the Windows Genuine Advantage registration procedure.

“This type of crack appeared shortly after Windows Vista went on sale in January 2007 and was solved when Microsoft issued an update. Similar utilities for Windows XP also started appearing in the summer of 2005, shortly after the Windows Genuine Advantage system was made mandatory in July of that year.”

He further claimed that he expects Microsoft to retroactively re-engineer Windows 7 to prevent any registration loopholes from being exploited, and advised to check and keep checking for flaws.

“More than anything, this highlights the fact that the sheer size of programs these days means that code loopholes will slip through the net unless you are scrutinizing them regularly from the moment they are written whether designed in-house or commercially,” said Kirk.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

GCHQ head says agency was 'never involved in mass surveillance'

GCHQ head says agency was 'never involved in ...

Sir Iain Lobban says GCHQ staff "are normal decent human beings who watch EastEnders and Spooks".

Apple Mac OS criticised for sending search results to third parties

Apple Mac OS criticised for sending search results ...

Apple is under pressure to make changes to the Spotlight feature on the new Mac OS X Yosemite 10.10, which tracks location and sends data back to the firm and ...

China refutes new FBI hacking claims

China refutes new FBI hacking claims

It's been another week of claims and counterclaims as the US and Chinese governments accuse each other of deviant cyber security practices.