A hacker group released code designed to exploit a widespread Windows flaw, paving the way for a major worm attack as soon as this weekend, security researchers warned.
The warning came Friday, after hackers from the Chinese X Focus security group forwarded source code to several public security lists. The code is for a program designed to allow an intruder to enter Windows computers. The X Focus program takes advantage of a hole in the Microsoft operating system that lets attackers break in remotely. The flaw has been characterized by some security experts as the most widespread ever found in Windows.
"An exploit (program) like this is very easy to turn into a worm," said Marc Maiffret, chief hacking officer for network protection firm eEye Digital Security. "I wouldn't be surprised if we see a worm sooner rather than later." While many security researchers believe the publication of such information can encourage security personnel in businesses to patch holes faster, the release of exploit code has typically preceded the largest worm attacks of the past few years.
Maiffret and other security researchers worried that next week's Defcon hacker conference in Las Vegas will act as a catalyst and spur a malicious hacker to create and release such a worm. In January, the Slammer worm spread to corporate networks worldwide, causing databases to go down, bank teller machines to stop working and some airline flights to be canceled. Six months earlier, a researcher had released code that exploited the major Microsoft SQL vulnerability used by the worm to spread.
News source: C|Net News.com