Attacks begin against critical Patch Tuesday bug

Only Windows XP SP3 -- that's right, SP3 -- is safe. Hackers are trying to exploit a critical Windows vulnerability just patched on Tuesday, security researchers said this afternoon -- and the only version of Windows not at risk is the unfinished Windows XP Service Pack 3 (SP3). Fortunately, attackers' incompetence means that these initial sorties have been unsuccessful, Symantec Corp. said in a brief warning to customers of its DeepSight threat service. "The DeepSight honeynet has observed in-the-wild exploit attempts targeting a GDI vulnerability patched by Microsoft on April 8, 2008," said Symantec in its alert.

On Tuesday, Microsoft Corp. patched two bugs, both pegged as "critical," in Windows' GDI, or graphics device interface, one of the core components of the operating system. According to Microsoft, every current version of Windows, including the very newest, Vista SP1 and Server 2008, is open to attack. The vulnerabilities can be triggered by malformed WMF (Windows Metafile) or EMF (Enhanced Metafile) image files, Microsoft noted in its accompanying advisory.

News Source: Computer World

Report a problem with article
Previous Story

Boom Blox producer impressed by "gamer" Spielberg

Next Story

Microsoft Exec: UAC Designed To 'Annoy Users'

21 Comments

View more comments

Only Windows XP SP3 -- that's right, SP3 -- is safe. Hackers are trying to exploit a critical Windows vulnerability just patched on Tuesday

if it was patched on tuesday, wouldn't all windows versions then be safe, provided you have patched yoru system. while SP3 isn't even released yet, so it can't really take the title of only safe windows release, specially if actual released versions have been patched.

I don't think you read it right, It's saying that the patch which was suppose to fix it has a security flaw of it's very own. So another patch is required to stop the attacks. SP3 is currently the only thing that can prevent the attack as of now.

(Enigma776 said @ #1.1)
I don't think you read it right, It's saying that the patch which was suppose to fix it has a security flaw of it's very own. So another patch is required to stop the attacks. SP3 is currently the only thing that can prevent the attack as of now.

Actually I think he's right. When the patches were released on Tuesday, hackers took note of what was being fixed, and began attacking that specific vulnerability on systems without the patch applied.

(Enigma776 said @ #1.1)
I don't think you read it right, It's saying that the patch which was suppose to fix it has a security flaw of it's very own. So another patch is required to stop the attacks. SP3 is currently the only thing that can prevent the attack as of now.

I don't think you are reading it at all. "Microsoft's GDI patches can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services." -Taken from Computer World Article

(n_K said @ #1)
err, so can someone tell me if XP SP1 is protected ?

If you're still on SP1, you have much more of an attack surface than this one particular bug.

(n_K said @ #2.4)
All I want to know is if SP1 is vun. to this attack or not ?

Please do yourself a favor, and install SP3 as soon as it's released on Windows update this month.

Yes Sp1 is vulnerable. But not just to this exploite but to MANY more. Either install Sp2 and ALL the updates as of current or unplug your computer from the Internet

Thank You.

(Tantawi said @ #2.5)

Please do yourself a favor, and install SP3 as soon as it's released on Windows update this month.


Humm will do when I free up more than 40MB of space

(n_K said @ #2.8)
Humm will do when I free up more than 40MB of space

I'm sure all the extra malware XP SP1 is susceptible to will help you increase a lot more than 40MB of space.

I think the vulnerabilities were patched on tuesday, but some people are trying to attack computers that haven't yet had the patches applied. But, I agree, the article is really confusing.

ppl who are still on sp1 should just update to sp2 and be done with it and if your not gonna update then you should either prep urself or get nailed by that bug(you should stay current)

Commenting is disabled on this article.