Get Smart about Business Spending
- Related Stories
-
Microsoft plugs 21 security holes
June 13, 2006 -
No fix for 'critical' hole in Windows 98, ME
June 9, 2006 -
Bumper crop of Microsoft patches on the way
June 8, 2006
Most of the patches that Microsoft issued were for flaws that were widely known. But at least two flaws were made public for the first time on Tuesday as part of the company's monthly security update.
Security firms reported finding the code on Wednesday. The exploit code for previously unknown flaws means hackers could use the code to pounce on computer systems with managers who are slow to apply patches.
"Microsoft is aware that detailed exploit code was published on the Internet for some of the vulnerabilities," the software maker said in a statement. "With the exception of MS06-027 (the Word malware that began circulating last month), Microsoft is not currently aware of any active attacks utilizing this exploit code...the exploit code does not affect users who have installed all June security updates."
In all, Microsoft issued patches for 21 flaws in its security update, saying all but two of them could let an intruder run malicious code on a compromised computer.
Some of the exploits that appear on the Web are for "critical" flaws in Windows Media Player and for "routing and remote access." The SANS Internet Storm Center reported that two exploits were for the "routing and remote access."
VeriSign's iDefense team also announced that it had developed a "proof of concept" exploit code for a security hole in the ".art" file, a file type used often for AOL services and Web sites, according to iDefense.
See more CNET content tagged:
patch management, iDefense, flaw, security update, code
<CONSPIRACY>
Did Microsoft find out about the expoit code from the wild and create patches for them so that when the attacks began they would be stopped before they began or did they manufacture the whole thing, the exploits, the patches, the media stories?
</CONSPIRACY>
OOPPS! Sorry about that, went into conspiracy mode again.
But conspiracies aside for the moment, one of the problems with security patches is that they provide a nicely packaged roadmap to a vulnerability. A cracker may not be able to determine how to effectively exploit a given vulnerability given nothing but its description. But with the patch in hand the cracker can see exactly what modules are affected, and by comparing to unpatched versions can even determine exactly what code has been changed (and is thus vulnerable pre-patch).
That's one reason why quickly applying a critical security patch is so important - even if there aren't exploits in the wild when the patch is released, the exploits can evolve VERY quickly to take advantage once the patch is out.
- interesting
- by thedreaming June 15, 2006 6:35 AM PDT
- Microsoft puts out security patches and almost overnight, we get the first attacks using those same patched security gaps.
- Like this Reply to this comment
-
-
- Roadmaps
- by cbarn June 15, 2006 7:59 AM PDT
- It could all be a conspiracy. ;-)
- Like this
-
(4 Comments)<CONSPIRACY>
Did Microsoft find out about the expoit code from the wild and create patches for them so that when the attacks began they would be stopped before they began or did they manufacture the whole thing, the exploits, the patches, the media stories?
</CONSPIRACY>
OOPPS! Sorry about that, went into conspiracy mode again.
But conspiracies aside for the moment, one of the problems with security patches is that they provide a nicely packaged roadmap to a vulnerability. A cracker may not be able to determine how to effectively exploit a given vulnerability given nothing but its description. But with the patch in hand the cracker can see exactly what modules are affected, and by comparing to unpatched versions can even determine exactly what code has been changed (and is thus vulnerable pre-patch).
That's one reason why quickly applying a critical security patch is so important - even if there aren't exploits in the wild when the patch is released, the exploits can evolve VERY quickly to take advantage once the patch is out.