The exploit takes advantage of the most dangerous of the 14
vulnerabilities Microsoft described--and released patches for--this week.
An exploit was released Wednesday for the most dangerous of the 14 vulnerabilities that Microsoft unveiled Tuesday, making the appearance of a worm virtually a lock, said a security expert.
The exploit is against the MSDTC vulnerability within Windows, which was patched Tuesday by Microsoft and outlined in its MS05-051 security bulletin. Because the MSDTC component -- which coordinates any sort of transaction on multiple servers -- is enabled by default and remotely exploitable on Windows 2000 systems, experts fear that the bug will result in a repeat of the Zotob attacks of August. Most security analysts named the flaw as the most dangerous of Tuesday's bunch.
Wednesday, an exploit was made available to customers of Immunity Security's Canvas vulnerability tool, said security giant Symantec in an alert to users of its DeepSight Threat Management System.
"It's a fully-functional exploit that's shipping to [Canvas] customers," said Alfred Huger, the senior director of engineering for Symantec's security response team.
Huger believes that a working exploit will soon hit vulnerable systems. "If [Immunity] can write it, others will, too. Expect something in pretty short order."
2018 State of the CloudCloud adoption is growing, but how are organizations taking advantage of it? Interop ITX and InformationWeek surveyed technology decision-makers to find out, read this report to discover what they had to say!
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
The Next Generation of IT SupportThe workforce is changing as businesses become global and technology erodes geographical and physical barriers.IT organizations are critical to enabling this transition and can utilize next-generation tools and strategies to provide world-class support regardless of location, platform or device