Computer code that exploits a critical new software vulnerability in the Windows XP and Windows 2000 operating systems is circulating on the Internet, according to security experts. Two examples of "exploit" code for a buffer overrun in the Windows Workstation Service were posted to security-related Internet discussion groups on Friday and Saturday. Both exploits have been tested and work, according to Dan Ingevaldson, director of X-Force at Internet Security Systems.
The Workstation Service vulnerability was disclosed by Microsoft in Security Bulletin MS03-049, which was released on November 11. The service is turned "on" by default in Windows 2000 and Windows XP systems and allows computers on a network to connect to file servers and network printers, Microsoft said.
Both the CERT Coordination Center at Carnegie Mellon University and ISS issued advisories last week regarding the Workstation Service vulnerability, warning that it was easy to exploit and well suited to use by self-spreading Internet worms.
News source: PCWorld.com
"It is moving from the early adopter to the mass market phase and will ramp up quickly. [Butler Group's] advice is that you want to be asking whether your new equipment is PoE-enabled."
Using the chip, switches with 44-48 ports currently requiring about 1,500 components will now need only 200, or three external components per port.
This could bring dramatic reductions in space needed on the motherboard, labour costs in manufacture and design effort, said Igal Rotem, PowerDsine chief executive and co-founder.
PoE technology can bring big cost savings to companies by eliminating installation of power cables, outlets and uninterruptible power supplies for IT-related equipment.
IDC has estimated that the market for PoE will double to $200m next year and ultimately exceed $1bn.
There are around 36 PoE-enabled switches now in development from all major and second-tier switch makers. This compares with only about five last year.
Of these, the vast majority use PowerDsine technology. But other companies, including Texas Instruments and Linear Technology, are entering the market.

and why doesn't that surprise me?
it's microsoft. what do you expect?
Let's see. Microsoft publishes a patch on Nov. 11 and explains what it protects against.
Then hackers 6 to 7 days later break those computers without the patch.
Real hard? That is why you MUST update after a patch is posted. Once a patch is posted then Hackers know what to attack.
Slammer and the like all came out AFTER security patches were RELEASED. Not before. It is real easy to start hacking after MS announces where and what the problem is.
haha, hackers always know first... they don't mean to "cause harm," it's to make a point. you know with the access that the Slammer worm had, they could have erased your HD....
If it were Linux I'm sure you'd have done your diligence.
If you're not part of a network, or are part of a network, but don't need to connect to servers and networked printers, sounds like you can disable this service to protect yourself.
[Edit] Like #6 said, I wouldn't worry about it so much. PCWorld also pointed out that the code that takes advantage of these vulnerabilities is quite immature, for the time being. The exploits aren't robust enough to really cause any problems, yet.[/EDIT]
Last edited by 11783 on 18 Nov 2003 - 14:10
Patch or die is our motto!
common sense and stop being so paranoid! being paranoid (like my dad funnily enough!) makes life a really boring....thing
Human Paranoia is great and keeps the world on its toes.
*THWACK*
Not much of a "patch" then is it? Sounds more like a "Complete Reinstall and Entire Software Reassessment".
Really now? And how do you expect to run Windows software on it (without using crappy WINE)?
But anyways, some people _need_ windows.
I'm not bashing Windows, by making the statement I did, I'm saying it's not secure, and not at all superior.
Of course people need Windows, I need it at work, because they won't let me install anything else, but still, I know it's needed. That doesn't make it better.
OpenBSD and Windows 2003 have about the same number of patches anyway; overall everyone needs to recognize that while Windows may have visible vulnerabilities, there isn't any OS that is 100% superior. No one uses OpenBSD as a client, so you can't compare oBSD to XP.
This is neither good nor bad... rather, it should be accepted that some sort of auto-update process become the norm for any platform except for explicitly managed servers.
99% of all client vulnerabilities would have been fixed simply by allowing the auto-update process to do its work rather than to be paranoid.
This is so pathetic. I wish they had spent their time on more productive things.
Anybody got any idea why?
Do you think I managed to clear it out during one of my system streamlining sessions?
next blaster? (nb: I said it first
I beat you all! I predicted it first! mwhahahahaha
2) It wasn't even a remotely 'off the wall' or 'inspired' prediction
3) This is a tool that exploits it, not a worm. Tools rarely turn into worms, they are different beings.
Jumping on a bandwagon won't get you medals, predicting codered may have, but now every clown is screaming 'worm!' as soon as MS bugs are mentioned.
<End mini rant>
All I am interested in, is is there a patch already -- and if so, how long will it take before it gets applied.
how would one of these "hackers" feel if I jumped thru a window in their house to highlight how insecure their windows are?
hackers... get some clearasil, and a life.