You are here: silicon.com > Software > Malware

Malware

Windows flaw attack-code hits the net

Patch or else, warns Microsoft

Tags: attack code, windows flaw, exploit

By Joris Evers

Published: 27 June 2006 08:45 GMT

Computer code that exploits a "critical" vulnerability in Windows has been released on the internet, prompting Microsoft to issue a security advisory.

The attack code takes advantage of a flawed Windows routing and remote access component for which Microsoft released a patch two weeks ago, the company said in its advisory published late on Friday. The company is not aware of any actual cyber attacks that use the exploit code, it said.

Microsoft said: "An attacker who successfully exploited this vulnerability could take complete control of the affected system."

It urges users to apply the fix delivered with security bulletin MS06-025, which will remove the vulnerability. "We have confirmed that the exploit code does not affect users who have installed the update," Microsoft said.

However, the MS06-025 fix can interfere with a certain dial-up networking connections, Microsoft said last week. The company advised people who use dial-up scripting or terminal window features not to install the security update while it works on a revised patch. That revision is still in the works, a Microsoft representative said on Monday.

The MS06-025 update was one of a dozen security bulletins that Microsoft released two weeks ago. At least one patch came after the vulnerability it addressed had already been exploited in a cyber attack. Exploits for some other flaws have also been released, further increasing the urgency to patch.

Joris Evers writes for CNET News.com

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business

Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business


  • Jobs
Web Applications Vulnerability Tester

Title: Web Applications Vulnerability Tester / Penetration Tester Salary: market rates but probably 40k to 60k Company: online / ecommerce company ...

Fix Support Engineer - Futures and Options

FIX Engineer in Glasgow required for this top tier bank. The successful candidate will be responsible for Implementing FIX Build projects, such as ...

Firewalls Engineer - Cisco Pix - Hampshire

The key responsibilities will include: supporting the firewalls, network, and the mail and web content filters that provide access to the internet ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.





Quick Sitemap Links: