Tuesday, October 18, 2005

Exploit code raises Windows worm

Computer code has already been written to take advantage of Windows flaws that were disclosed Tuesday, a sign that a worm attack could be near.

Exploit code exists for four of the 14 vulnerabilities for which Microsoft provided fixes this week. One of the exploits was written for a flaw which Microsoft tagged as "critical". The bug lies in a Windows component for transaction processing called the Microsoft Distributed Transaction Coordinator or MSDTC.

When Microsoft released its patches on Tuesday, experts had already warned that the MSDTC flaw could spawn an attack similar to the Zotob worm that wreaked havoc two months ago. Microsoft urged users of older operating systems, specifically Windows 2000 and Windows XP before Service Pack 2, to prioritize the update that fixes the flaw, which is addressed in security bulletin MS05-051.

Microsoft is aware of Immunity's exploit code, but has not seen any attacks that use the code. Symantec predicts a worm exploiting the MSDTC flaw will surface in the next few days. It is unknown how hard the worm will hit. So please patch your windows now!

No comments:

Post a Comment