informa
/
1 MIN READ
News

Free Scanner Probes PCs For Critical Windows Bug

The Retina MS06-040 NetApi32 Scanner is available in two versions: one that scans up to 16 systems simultaneously, and another that handles up to 256 PCs.
eEye Digital Security on Thursday unveiled free software that sniffs out PCs vulnerable to a dangerous Windows vulnerability disclosed earlier this week.

"We have released a free vulnerability assessment tool for the critical, and potentially wormable, MS06-040 vulnerability," wrote Marc Maiffret, eEye's chief hacking officer, in an e-mail. "[It] does not require administrator access to machines, so it will give IT administrators a real-world perspective on where their network stands against this attack regardless of what they think they have or have not patched," Maiffret added.

The Retina MS06-040 NetApi32 Scanner is available in two versions: one that scans up to 16 systems simultaneously, another that handles up to 256 PCs. Both downloads require an e-mail address.

Microsoft has urged Windows users to patch the vulnerability detailed in security bulletin MS06-040 first, before addressing others in the Tuesday batch; meanwhile, most security analysts have pegged the Windows Server service bug as the worst of the 23 disclosed this week.

"The sooner that vulnerable machines are identified and patched, the smaller the possibility will be of a successful Internet worm attack," said Maiffret.

Retina MS06-040 NetApi32 Scanner can be downloaded from the eEye site.

The Windows 2000, XP, and Server 2003 patches for the Server flaw can be obtained via Microsoft and Windows Update services, or directly from this Microsoft site.

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing