·afterdawn.com home  ·Search  

This discussion forum has been closed.
Starting new topics or replying to existing topics is no longer possible.
We welcome all users to use AfterDawn's discussion forums instead.
 

 

p2pnet.net/,total article,....Critical Microsoft exploit alert

Get AnyDVD HD and copy any DVD or Blu-ray disc with ease!
Posted Message
ireland 
AfterDawn Addict

27 Jun 2006 12:14 PM
Critical Microsoft exploit alert

p2p news / p2pnet: Microsoft is gearing up for a disruptive attack, "similar to the Zotob worm that hit several high-provide targets in August 2005," says eWeek.

At the time, F-Secure's Mikko Hyppönen wrote of the worm, "this one was using a brand new exploit against a brand new vulnerability: the MS05-039 PnP hole."

Now, anyone using Microsoft Windows, users, especially businesses running Windows 2000, should pay attention to a special warning about exploit code that zeroes in on a vulnerability Microsoft has labeled "critical".

The code was released by security consultant H.D. Moore, "as part of the Metasploit Framework, an open-source tool for penetration testing and exploit development," says the story.

Microsoft's security response unit, "is strongly urging" Windows users to patch vulnerabilities detailed in MS06-025, "because of the potential for a worm attack," says the story, going on:

"The MS06-025 bulletin provides fixes for a pair of code execution flaws in the RRAS (Routing and Remote Access Service) in Windows. On Windows 2000 systems, the flaws carry a "critical" rating because it presents a remote unauthenticated attack vector.

"Both flaws could allow a remote attacker to take "complete control" of an affected system and because of the "blow-by-blow" description of the exploit, "Microsoft is bracing for the possibility of a disruptive attack similar to the Zotob worm that hit several high-provide targets in August 2005," says eWeek.

Affected Software:

* Microsoft Windows 2000 Service Pack 4 - patch
* Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 - patch
* Microsoft Windows XP Professional x64 Edition - patch
* Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 - patch
* Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems - patch
* Microsoft Windows Server 2003 x64 Edition - patch


Patches for Microsoft Windows Server 2003, Windows Server 2003 Service Pack 1, and Windows Server 2003 x64 Edition also apply to Windows Server 2003 R2, says Microsoft, also pointing out Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) aren't affected.

Digg this story.

Also See:
Zotob worm - Zotob creators arrested, August 27, 2005
brand new exploit - Zotob worm outbreak, August 23, 2005
eWeek - 'Detailed Exploit' Published for Critical Windows Flaw, June 26, 2006

p2pnet newsfeeds for your site.
rss feed: http://p2pnet.net/p2p.rss
Mobile - http://p2pnet.net/index-wml.php

(Tuesday 27th June 2006)
http://p2pnet.net/story/9185
Get AnyDVD HD and copy any DVD or Blu-ray disc with ease!
It is already over 90 days since last post to this thread, you're not allowed to post here anymore.