U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:

CERT/CC Reports a Microsoft SMB Vulnerability
02/03/2017 03:48 AM EST

Original release date: February 03, 2017
CERT Coordination Center (CERT/CC) has released information on a Server Message Block (SMB) vulnerability affecting Microsoft Windows. Exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition or take control of an affected system.

No patches are currently available, but mitigations include blocking outbound SMB connections (TCP ports 139 and 445 and UDP ports 137 and 138) from the local network to the wide-area network. For more information, see VU#867968.