Attack code out for 'critical' Windows flaw

Computer code posted over the weekend can crash vulnerable computers by exploiting a Windows flaw disclosed in October.

The exploit code takes advantage of a flaw Microsoft tagged as "critical." The bug lies in a Windows component for transaction processing called the Microsoft Distributed Transaction Coordinator, or MSDTC. Microsoft addressed the flaw in security bulletin MS05-051.

"Initial investigation of this exploit code has verified that successful exploitation could lead to a denial of service attack...and not remote code execution," a Microsoft representative said in a statement. In a denial of service attack a computer would crash, while remote code execution would mean the attacker has full control over a PC.

Users who have applied the MS05-051 patch are protected against exploitation of the flaw, Microsoft said. The patch has been available since Oct. 11, but some users have reported problems with applying the update.

This is not the first exploit code for the MSDTC flaw, but it is the first to be published publicly on the Internet. The first exploit was created by security vendor Immunity for users of its penetration testing product.

When Microsoft released its patches, experts were quick to warn that the MSDTC flaw could spawn an attack similar to the Zotob worm that wreaked havoc in August. Such an attack has not occurred. However, the public posting of exploit code could be a sign that an attack is coming, experts have said.

Microsoft said it is not aware of any current attacks that use the latest exploit code. The software maker urges all customers to apply the most recent security updates to protect their systems.

[zaznet]

Flaws from October

While this will hit many customers of windows the true vulnerable systems are those that are either not managed or not licensed.

The patches from November should already be applied to most corporate systems and any home system that uses the automatic updates feature.

[Michael Grogan]

Easily said

But the fact is M$ patches are getting to be worse than the security flaws they address. The second poatch after that one left my computer glitchy as hell and has blocked my AV software entirely. By the way, even unlicensed versions of xp can still use the automatic update feature.

Heh...

If Microsoft made at least a feasable attempt to find these problems before they happened, the programs they make wouldnt be so easy to destroy. Take the X-box 360 for instance; it already has lock-up problems with the main console, so now everybody who bit teeth to get one has to send it back for reprogramming.