Advertisement
Home arrow ITsec News arrow USDHS warns against Microsoft's next MsBlaster?
Saturday, 22 November 2008
  
 
Last week attacks
O.S.  Defs.  %
Linux  8778  71.58%
Win 2003  1950  15.90%
Win 2000  722  5.89%
Solaris 9/10  402  3.28%
FreeBSD  226  1.84%
Other  185  1.51%

Total attacks: 12263 of which 4619 single ip and 7644 mass defacements

Main Menu
Home
Digital Warfare
Geopolitics
ITsec News
ITsec Advisories
Test Drive
360°
Digital Attacks Archive
Zone-H events
Publications
Zone-H Friends/Partners
Contact Us
Search
Download Area
Zone-H forum
About this website
Login Form





Lost Password?
No account yet? Register
Visitors' Map
USDHS warns against Microsoft's next MsBlaster? PDF Print E-mail
User Rating: / 3
PoorBest 
Thursday, 10 August 2006

miworm The latest round of security patches were released Tuesday by Microsoft, and at least one of those has been exploited in the wild by 0day code prior to the official patch release. In an unprecedented move the US Department of Homeland Security issued a warning today about the critical nature of this flaw, urging "users apply Microsoft security patch MS06-040 as quickly as possible".

MS06-040 is the name of the patch to correct the flaw in Microsoft's Server Service affected by a buffer overrun , the same service that the August 2003's MsBlaster worm leveraged against millions of computers. Affected versions are Windows 2000, Windows XP sp1 and 2, XP Professional x64 as well as Windows Server 2003, Microsoft's flagship product.

Security researchers are also calling this "critical, and potentially wormable", at least said Mark Maiffret of eEye on the Full Disclosure mail list [ and provided a link to a  free tool to help verify if you are at risk ]. Zone-h notes that Proof of Concept exploit code has been available in penetration testing software suites such as Canvas and Core Impact for some time, and rumored to soon be available in the open source Metasploit exploitation framework.

The MsBlaster worm is often cited as the real cause of power failures in the 2nd week of August, as opposed to a tree falling down, causing wide spread cascading failure of  SCADA systems around the east coast in 2003.

In a recent article by Zone-h Fair warning: 0day Worm Storm Approaching? we predicted the possible coming of something big... 


Comments Index (Total Messages: 2)
History Comes Around the Corner Written by Guest on 2006-08-10 18:19:32
Patch or not? Written by Guest on 2006-08-11 12:12:48

Powered by a Zone-H(ified) version of AkoComment 3.0!


DISCLAIMER: Forum postings are the opinion of the posting author alone, and should not be taken as the opinion of Zone-h. The   author is entirely and solely responsible for all content that he/she uploads, posts, or otherwise transmits via the website. Zone-h is not responsible for such content. However, Zone-h shall have the right, but not the obligation, to delete, move, or edit any content that violates this agreement or is otherwise objectionable as determined by Zone-h in its sole discretion and without notice.
 
< Prev   Next >
[ Back ]
Advertisement
 
Top!
© 2008 Zone-H.org - Unrestricted Information
Joomla! is Free Software released under the GNU/GPL License.
 Top!