Zero Day

Latest Post | Last 10 Posts | Archives

Previous Post: Facebook worm finds a friend in Google Reader
Next Post: Talkback Tuesday: latest MS vulnerability

Exploit published for Windows worm hole

Posted in:

Exploit published for Windows worm holeReliable exploit code for the remote code execution vulnerability patched with Microsoft's MS08-067 update has been posted to the Internet, prompting a new "patch immediately" advisory from the Redmond software maker. The exploit, which has been added to the freely available Metasploit point-and-click attack tool, provides a roadmap for code execution on Windows 2000, Windows XP, and Windows Server 2003.   A second exploit has been posted to Milw0rm.com, increasing the likelihood of in-the-wild malware attacks. [ SEE: MS ships emergency patch for Windows worm hole ] From the Microsoft advisory: Several proof-of-concepts have also been publicly released. Microsoft shipped an out-of-band update last week to plug the hole after discovering “limited, targeted attacks" against Windows users.   The attacks included the use of  reconnaissance Trojans hijacking sensitive system information. The vulnerability is due to the Windows Server service not properly handling specially crafted RPC requests.  The vulnerable Windows Server service provides RPC support, file and print support, and named pipe sharing over the network. It is also used to allow the sharing of your local resources (such as disks and printers) so that other users on the network can access them.

posted by Ryan Naraine
October 28, 2008 @ 1:40 pm

Previous Post: Facebook worm finds a friend in Google Reader
Next Post: Talkback Tuesday: latest MS vulnerability

Last 10 posts:

more Posts (Archives)

WordPress Mobile Edition available at alexking.org.

powered by WordPress.