Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
Researcher Warns Of Thanksgiving Attacks On Windows
Exploits against the vulnerability in Microsoft's XML Core Services will probably jump next week, one security analyst says.
November 17, 2006
1 Min Read
Windows users can expect attacks against a just-patched Windows vulnerability to ratchet up next week during the Thanksgiving Day holiday in the U.S., a security researcher warned Friday.
According to Ken Dunham, director of the iDefense rapid response team, exploits against the vulnerability patched by MS06-071, "Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution," will probably jump next week.
"MS06-071 is likely to be exploited and popularized by hackers over the coming holiday week in the U.S.," Dunham said.
The Tuesday fix to various versions of XML Core Services was in response to active, public attacks that had begun the week before. With attacks already ongoing, Microsoft pegged the flaw as "critical," its highest threat ranking.
Dunham also said that iDefense, a Reston, Va.-based security intelligence firm, has been tracking exploits leveraging the bug patched by Tuesday's MS06-070. Like other security vendors, iDefense confirmed that at least two exploits that work on Windows 2000 are in circulation.
Microsoft has also added its voice to the chorus on MS06-070; a security advisory issued late Thursday acknowledged the active exploits, urged users to apply the update as soon as possible, and reminded them that a patched PC was immune to the attacks.
The security advisory can be found on the Microsoft Web site.
You May Also Like
University of Minnesota Uses Entuity to Strategically Manage and Upgrade Complex Network Environment
ESM Best Practices
NIST Cybersecurity Framework 2.0: Changes, impacts, and opportunities for your InfoSec program
2023 Cloud Security Report
2022 Retrospective: The Emergence of the Next Generation of Wi-Fi