Advertisement
Promo

Desktop platforms Toolkit in association with http://ad.doubleclick.net/clk;205413468;14699245;m?http://adfarm.mediaplex.com/ad/ck/2397-58840-22058-14

Exploit code raises fresh Zotob alarm

Joris Evers CNET News.com

Published: 24 Oct 2005 09:35 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Exploit code was published Friday for a Windows flaw similar to the vulnerability that led to the Zotob worm that wreaked havoc in August.

The code takes advantage of a bug related to plug-and-play technology in Windows 2000 and Windows XP. Microsoft provided a patch for the flaw on 11 October in security bulletin MS05-047, along with fixes for 13 other Windows flaws. The software maker rated the issue "important".

The plug-and-play exploit code is not the first to surface for a flaw that was fixed in Microsoft's October patch cycle. Other exploits have been published on the Internet or reported privately. Release of such code typically is a prelude to an attack. However, while some experts have raised the worm alarm, attacks have yet to appear.

The exploit causes a vulnerable system to crash, but it's unlikely to be used for a worm, a Symantec representative said. "It does not gain local access to machines," the representative said.

A Microsoft representative said on Friday the company is aware of the latest exploit code, but noted that no attacks were reported. "Microsoft is actively monitoring this situation to keep customers informed," the representative said in an emailed statement.

The vulnerability lies in the same Windows component that Microsoft provided a patch for two months ago. That flaw led to the spread of the Zotob worm, which took down systems across the US, including at cable news station CNN, television network ABC and The New York Times.

Microsoft urges users to apply the MS05-047 patch. Users who updated their system with the MS05-039 fix delivered in August are somewhat protected against this flaw as well, the company said. However, if that patch is not installed, the latest flaw could be exploited remotely by an anonymous user on Windows 2000 systems, the company said.

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Did you find this article useful?
82 out of 151 people found this useful


Talkback

Post a comment


Full Talkback thread

1 comment

  1. Surprise, I guess they didn't really close that ho... Anonymous

Related Links

More In Desktop platforms


Company/Topic Alerts

Create a new alert from the list below:











Related Jobs

Contract Product Support Engineer

Financial Sales Consultant

Chief Technologist

Video icon

Video

Microsoft Futures Special Report

Ozzie: Success of Azure comes down to trust

Ozzie: Success of Azure comes down to trust

News In an interview, Ray Ozzie says businesses will be taking a risk by placing core operations in Microsoft's datacentre, but that the software giant has more to lose if things go bad

News Microsoft PDC: What to expect

News Microsoft unveils 'Azure' cloud OS

More Special Reports

Desktop Management Benchmarking

Test Your Desktop Management Systems

How good are your company's desktop management solutions? How do they compare with those of your peers?

Take two minutes to complete our new Desktop Management and Energy Consumption benchmark, and find out what issues your business needs to focus on.


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters