Exploit Already Out For New Windows 2000 Bug - InformationWeek
02:56 PM

Exploit Already Out For New Windows 2000 Bug

The exploit takes advantage of the most dangerous of the 14 vulnerabilities Microsoft described--and released patches for--this week.

An exploit was released Wednesday for the most dangerous of the 14 vulnerabilities that Microsoft unveiled Tuesday, making the appearance of a worm virtually a lock, said a security expert.

The exploit is against the MSDTC vulnerability within Windows, which was patched Tuesday by Microsoft and outlined in its MS05-051 security bulletin. Because the MSDTC component -- which coordinates any sort of transaction on multiple servers -- is enabled by default and remotely exploitable on Windows 2000 systems, experts fear that the bug will result in a repeat of the Zotob attacks of August. Most security analysts named the flaw as the most dangerous of Tuesday's bunch.

Wednesday, an exploit was made available to customers of Immunity Security's Canvas vulnerability tool, said security giant Symantec in an alert to users of its DeepSight Threat Management System.

"It's a fully-functional exploit that's shipping to [Canvas] customers," said Alfred Huger, the senior director of engineering for Symantec's security response team.

Huger believes that a working exploit will soon hit vulnerable systems. "If [Immunity] can write it, others will, too. Expect something in pretty short order."

The Zotob bot worm appeared just five days after the disclosure of a Plug and Play vulnerability in Windows 2000, and Huger wouldn't be surprised to see the pattern repeat.

"This vulnerability will be impossible for some [hackers] to resist," Huger said. "The target environment is just too rich."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
2018 State of the Cloud
2018 State of the Cloud
Cloud adoption is growing, but how are organizations taking advantage of it? Interop ITX and InformationWeek surveyed technology decision-makers to find out, read this report to discover what they had to say!
IT Budgets: Traditional Still Bigger than Cloud
Jessica Davis, Senior Editor, Enterprise Apps,  9/20/2018
Building a Smart City Doesn't Have a Common Blueprint
Guest Commentary, Guest Commentary,  9/18/2018
AWS vs. Azure: Users Share Their Experiences
Guest Commentary, Guest Commentary,  9/7/2018
Register for InformationWeek Newsletters
Current Issue
The Next Generation of IT Support
The workforce is changing as businesses become global and technology erodes geographical and physical barriers.IT organizations are critical to enabling this transition and can utilize next-generation tools and strategies to provide world-class support regardless of location, platform or device
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll