Security researchers have released attack code that will crash Windows XP and Vista PCs that are susceptible to a recently patched bug in the operating system. The code was released yesterday to security professionals who use Immunity's Canvas computer security testing software. It causes the Windows system to crash but does not let the attacker run malicious software on the victim's system. It is not available to the general public.
That's the biggest concern for security experts who worry that a more dangerous attack may soon follow as researchers dig further into the vulnerability. The bug is particularly troublesome for two reasons. First, it affects a widely used Windows component that is turned on by default. Worse, no user interaction is required to trigger the flaw, meaning that it could be exploited in a self-copying worm attack. Microsoft patched the flaw in its MS08-001 update, released last week, but it takes time for enterprise users to test and install Microsoft's patches.
View: Full Article @ PC Advisor
So how is it different to any other flaw that's been patched?
http://en.wikipedia.org/wiki/Sasser_worm
Do you understand what patched a flaw means? It means if you have updated your system you won't get hit by it, no matter what anyone figures out. Oh yeah, and someone already figured it out, that's why there's an article here...
I remember Sasser, a fully patched system wasn't vulnerable!!!
If your Windows installation crashes a lot, you must have a defect. (Or your Windows install does.)
Don't have A/V either...
No problems, though!
No AV as well, but I use Comodo Firewall with Defense+. No problems.
Because he is being a hot dog!
(which don't have brains AFAIK)
Not something I would brag about.
Many folks do not patch their systems as they are simply unaware they need to. My experience has shown me this.
This issue may yet be exploited to become a widespread worm if a suitable attack can be developed. It could be on the scale of Sasser or similar when or if this happens.
Servers are often the last machines to be updated given their admins' dislike for disturbing the status quo for production machines.
Kind Regards
Simon
Admins like that need to think about how much downtime their production machines might have if exploited.
Why all the patching during off-peak hours or the downtime? With WSUS 3.0, you just approve the patches to a test computer, fire it up as admin, run wuauclt.exe /detectnow, install the patches when it prompts you, test the computer. If all's well, you approve the patches for everything else, and the patches get installed the next time the workstations are shut down. Monitor for those that haven't had the patches applied the next day and go shut the offenders down at lunch time.
Problem solved.
The only difficulties are servers, they are the ones that have to be done in off-peak hours.
+1, but I always just schedule the server updates during off peak, they install, reboot themselves and all good.. it really ain't that hard
Huge amount of time?
You boot up, go to windows update, select everything, click install and go have your dinner/lunch/whatever. Job's done and it only has to be done ONCE per installation, after that it's once a month for a few mins and a restart.
Whereas how much time do you lose when you get a nasty virus that you can't easily get rid of?
And no doubt you're one of the first people to complain about insecurities and vulnerabilities and so on.