News
News
8/9/2006
05:32 PM
Connect Directly
RSS
E-Mail
50%
50%

Exploit For Worst Bug Of August On The Loose

Security experts said the MS06-040 bug was the worst of the 23 patched by Microsoft this week. Now they say it's being used in attacks.

A day after Microsoft posted a dozen patches for Windows and Office, the one pegged by security analysts as the most dangerous is being used in attacks, the federal cyber-agency said.

According to an advisory issued Wednesday by US-CERT, the arm of the Department of Homeland Security that disseminates information about developing computer threats, an active exploit of the buffer overflow bug in Windows' Server service has been confirmed.

"If a remote attacker sends a specially crafted packet to a vulnerable Windows system, that attacker may be able to execute arbitrary code with system privileges," US-CERT said in the warning.

In its MS06-040 security bulletin, Microsoft spelled out the problem with Server service, a component responsible for sharing of local resources such as drives and printers, with others on the network. Attackers could exploit the buffer overflow vulnerability, Microsoft said, without any user intervention.

Tuesday, security experts agreed that the MS06-040 bug was the worst of the 23 patched by Microsoft. That feeling only intensified Wednesday, as others, including Microsoft itself, weighed in.

"Potentially, there a lot of folks who could be vulnerable [to this vulnerability]," said Patrick Martin, senior product manager with Symantec's security response team. Add that to a hands-off exploitation of the bug and you have "a pretty potent combination," he added.

"Users may not even know [an attack] has happened."

For its part, Microsoft took the unusual step of highlighting the Server service flaw as the most critical of 16 critical bugs patched Tuesday. In an entry to the Microsoft Security Response Center's official blog, the team called out the vulnerability as first among equals.

"While we always recommend applying any updates rated "Critical" as soon as possible, we are recommending that customers give priority to MS06-040 for testing and deployment due to technical specifics around the vulnerability," the MSRC advised.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.