A new Remotely Exploitable Vulnerability Affecting the S.M.B. Kernel Component ("srv2.sys") of Windows Vista S.P.1 and Later, and possibly some Versions of Windows 2008 and Windows 7.
So far, the Discoverer of the Issue has demonstrated that it's possible to leverage the Vulnerability to Trigger a Crash within the Kernel of a Vulnerable system. As a result, in the short term the issue may be used for a Denial-of-Service Attack. However, public investigation suggests that the issue may be Exploitable to achieve Remote Code Execution.
We strongly advise users to Block T.C.P. Port 445 immediately until Patches are Available. The researcher who Discovered the Flaw has stated that File-Sharing must be Enabled for the Issue to be Exploited. Un-less explicitly required, users should Disable File-Sharing.
Symantec is currently Tracking this issue as B.I.D. 36299:
Microsoft Windows S.M.B.2 "SRV2.SYS" Denial-of-Service Vulnerability.