Patch or else, warns Microsoft
By Joris Evers
Published: 27 June 2006 08:45 GMT
Computer code that exploits a "critical" vulnerability in Windows has been released on the internet, prompting Microsoft to issue a security advisory.
The attack code takes advantage of a flawed Windows routing and remote access component for which Microsoft released a patch two weeks ago, the company said in its advisory published late on Friday. The company is not aware of any actual cyber attacks that use the exploit code, it said.
Microsoft said: "An attacker who successfully exploited this vulnerability could take complete control of the affected system."
It urges users to apply the fix delivered with security bulletin MS06-025, which will remove the vulnerability. "We have confirmed that the exploit code does not affect users who have installed the update," Microsoft said.
However, the MS06-025 fix can interfere with a certain dial-up networking connections, Microsoft said last week. The company advised people who use dial-up scripting or terminal window features not to install the security update while it works on a revised patch. That revision is still in the works, a Microsoft representative said on Monday.
The MS06-025 update was one of a dozen security bulletins that Microsoft released two weeks ago. At least one patch came after the vulnerability it addressed had already been exploited in a cyber attack. Exploits for some other flaws have also been released, further increasing the urgency to patch.
Joris Evers writes for CNET News.com
Microsoft: Yes, there's a flaw in Windows wi-fi...
Microsoft issues flaw fixes for Outlook and Windows
Microsoft to hunt 'new species' of bugs
Microsoft gets ahead of itself with WMF patch
Windows flaw could hit enterprise systems
Windows flaw spawns flurry of attacks
FIX Support Analyst with strong client facing skills required for a leading boutique financial software organisation. An in-depth knowledge of FIX is ...
Title: Web Applications Vulnerability Tester / Penetration Tester Salary: market rates but probably 40k to 60k Company: online / ecommerce company ...
Work with the implementation teams to ensure that customer services have satisfied all pre-production checks/tests before they are released into ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy