Credit: Laurent Gaffié
In September 2009, Laurent Gaffié dropped a Windows 7 vulnerability in the SMB2 code, which quickly turned out to be exploitable. The vulnerability was not only technically interesting, but it caused some embarrassment for Microsoft because it was found by a simple 20-line fuzzer. Few security researchers believed that finding a remote Windows 7 bug would be that easy, but Laurant proved them wrong again by releasing multiple additional SMB2 vulnerabilities over the next few months.