Microsoft has confirmed the presence of a vulnerability in the Server Message Block (SMB) protocol, according to an advisory released Friday. The company said successful exploitation of the flaw, which affects Windows 7 and Server 2008 Release 2, can lead to a denial-of-service that results in a system crash -- but not the injection of malicious code. Exploit code has been published, but Microsoft is not aware of any active attacks underway. —DK