Microsoft was quick to issue an advisory after first reports suggested that a Windows flaw could attack both Windows Vista and Windows 7. After the flaw was discovered, Microsoft was quick to note that Windows 7 was NOT one of the operating systems that could be attacked. In an advisory the company stated the following information:

General Information

Executive Summary

Microsoft is investigating new public reports of a possible vulnerability in Microsoft Server Message Block (SMB) implementation. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.

Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Microsoft is concerned that this new report of a vulnerability was not responsibly disclosed, potentially putting computer users at risk. We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone’s best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed.

The article goes on to state that neither Windows 7 nor Windows XP have any issues with the SMB problem.

Comments welcome.