This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempt remote denial-of-service vulnerability attacks on Windows for SMB2.
Microsoft Windows is prone to a remote denial-of-service vulnerability. Specifically, the issue occurs when a crafted SMB or SMBv2 packet containing less data than the value defined in the NetBIOS header is parsed. This causes the process to go into an infinite loop, resulting in a denial-of-service condition.
For an exploit to succeed, a remote attacker must entice an unsuspecting user to connect to a malicious SMB server.
The issue affects Windows 7 and 2008 R2.
- The issue affects Windows 7 and 2008 R2.
The vendor has released an advisory and updates. Please see the references for details.