Friday, June 24, 2005

Windows Exploit Released, But Experts Downplay Danger

Ryan Naraine writes in eWeek:

Amid conflicting reports on the extent of sniffing activity on TCP/IP Port 445, the port associated with a recently patched Windows vulnerability, security experts are warning that exploit code targeting a known Server Message Block flaw has been posted on the Internet.

The exploit code, published on the FrSIRT (French Security Incident Response Team) Web site, could be used to target the "critical" vulnerability addressed in Microsoft Corp.'s
MS05-011 bulletin.

That bulletin, which was released in February with patches for affected Windows 2000, Windows XP and Windows Server 2003 systems, corrects a weakness in Microsoft's SMB protocol implementation but it is entirely separate from the SMB (Server Message Block) fixes dropped off on Patch Day this month.


Earlier this week, researchers at Symantec Corp.'s DeepSight Network warned that a noticeable surge in scans on Port 445 just one week after Microsoft's SMB patch was an ominous sign that a mass code execution attack may be imminent.


0 Comments:

Post a Comment

<< Home