Security researchers took 2 hours to reverse engineer yesterdays release of a critical patch for the Windows operating system.
According to The New York Times, developers of the Immunity security testing tool wrote an exploit after Microsoft released a patch for the issue yesterday. Immnuity's tool is available to paying customers to test their systems against exploit code.
Hackers and security researchers regularly reverse engineer patches after Microsoft release them in an effort to get workable exploit code.
In a statement yesterday Microsoft feared the vulnerability "could be used in the crafting of a wormable exploit". If exploited, the vulnerability would allow an attacker to take complete control of the computer and affect other machines on the network in worm-like fashion.
The flaw lies in the Windows Server service, used to connect different network resources such as file and print servers over a network.
Microsoft has urged customers to download the update direct from Microsoft.
10 Comments - Add comment