Exploit Code for Critical Windows Flaw in the Wild
Remember the out-of-date security patch that Microsoft released the other week, the one that was deemed critical for XP and Windows Server users? We were all taken by surprise when Microsoft announced it, because they are not in the habit of breaking the long-lasting Patch Tuesday tradition – that is unless some crafty hackers are already exploiting a flaw within Windows.
Here is a quick reminder: by exploiting the way in which RPC requests are handled by Windows Server, the attacker could potentially take over a targeted machine (get access to files stored on it, delete said files, install malicious programs on said machine, and so on). The security experts that figured out an exploit, announced it to the public but kept the technical details under wraps for obvious reasons. As is the case with the Internet, you can never keep information away from the public for too long and consequently an exploit code for the MS08-67 vulnerability has leaked out.
The exploit code does indeed work, and that is why you need to patch your system right away (assuming you did not do this last week). There are several proof-of-concept exploits available on the net, but they will have no effect on an updated, patched Windows-based operating system.
According to security solutions provider PandaLabs, the vulnerability is already being used by people with malicious intent in order to access confidential data. For example, the Gimmiv.A Trojan detected by PandaLabs will gather the following info: user names and passwords fed to web applications; MSN and Outlook Express passwords; browser details, computer and system name; what patches are installed on the machine. Once collected, all that data is then relayed to a remote server.
There are two exploit codes that caught our attention: the Milw0rm and the one added to the Metasploit attack tool.
Tags: Microsoft, Windows, MS08-67
Here is a quick reminder: by exploiting the way in which RPC requests are handled by Windows Server, the attacker could potentially take over a targeted machine (get access to files stored on it, delete said files, install malicious programs on said machine, and so on). The security experts that figured out an exploit, announced it to the public but kept the technical details under wraps for obvious reasons. As is the case with the Internet, you can never keep information away from the public for too long and consequently an exploit code for the MS08-67 vulnerability has leaked out.
Advertising
The exploit code does indeed work, and that is why you need to patch your system right away (assuming you did not do this last week). There are several proof-of-concept exploits available on the net, but they will have no effect on an updated, patched Windows-based operating system.
According to security solutions provider PandaLabs, the vulnerability is already being used by people with malicious intent in order to access confidential data. For example, the Gimmiv.A Trojan detected by PandaLabs will gather the following info: user names and passwords fed to web applications; MSN and Outlook Express passwords; browser details, computer and system name; what patches are installed on the machine. Once collected, all that data is then relayed to a remote server.
There are two exploit codes that caught our attention: the Milw0rm and the one added to the Metasploit attack tool.
Tags: Microsoft, Windows, MS08-67
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 23 May 2013
Microsoft rolled out a new ad in which it uses Siri’s voice to highlight several things the iPad can’t do. This brings back memories of the famous “Get a Mac” ads that bashed Microsoft’s PCs.
By George Norman on 22 May 2013
The free 9GAG app for Android-powered devices has been updated to version 1.4 earlier this week. The update adds the option to upload posts to 9GAG from within the app.Related News
By George Norman on 02 May 2013
Think your children have adult material on the PC? Use Media Detective to scan the computer, uncover and remove it!
By George Norman on 12 Apr 2013
There’s less than a year until Microsoft will pull the plug on Windows XP. Extended support for the operating system will end on April 8, 2014. Office 2003 will also reach end of extended support on the same date.
By George Norman on 05 Feb 2013
See which applications are set to launch at startup, disable entries and add new ones, get notifications if an application tries to put a startup registry on your system. All these are offered by the free Startup Patrol application
By George Norman on 04 Dec 2012
Microsoft, in a push to get more people to use its browser, is now saying that you should stop hating on Internet Explorer and start using it instead. IE10 is a completely redesigned browser and it’s really good.Advertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Exploit Code for Critical Windows Flaw in the Wild
HTML Linking Code
HTML Linking Code