Waiting Is the Hardest Part: A Purple Team’s Take on MS15-034
Summary
This article discusses MS15-034, a Microsoft security bulletin related to a remote Denial of Service (DoS) vulnerability. The author highlights that exploit code for this vulnerability might be released soon, urging blue teams to prepare.
IFF Assessment
The article discusses a known vulnerability that could lead to a Denial of Service attack, which is bad news for defenders.
Severity
MS15-034 (CVE-2015-1635) is rated with a CVSS v3.0 score of 7.5 (High) due to its potential for remote code execution via a specially crafted SMBv1 packet, impacting confidentiality, integrity, and availability.
Defender Context
This article serves as a reminder about older but still potentially exploitable vulnerabilities like MS15-034. Defenders should ensure systems are patched against such issues, as exploit code can resurface or be adapted for new campaigns.