With exploits in wild, Microsoft Windows braces for yet another critical worm attack

“A network worm attack exploiting a critical Microsoft Windows vulnerability appears inevitable, security experts warned Aug. 10,” Ryan Naraine reports for eWeek.

“Just days after the Redmond, Wash., software maker issued the MS06-040 bulletin with patches for a ‘critical’ Server Service flaw, Microsoft’s security response unit is bracing for the worst after exploit code that offers a blueprint for attacks began circulating on the Internet,” Naraine reports.

Naraine reports, “Even before the release of Microsoft’s patch, the US-CERT (Computer Emergency Readiness Team) warned that the flaw was being used in targeted attacks and that the appearance of public exploits is a sure sign that a worm attack is imminent.”

Naraine reports, “An exploit module was added to HD Moore’s Metasploit Framework that could launch attacks against all unpatched Windows 2000 systems and some versions of Windows XP.”

Naraine reports, “Two penetration testing companies, Immunity and Core Security Technologies, have already created and released ‘reliable exploits’ for the flaw, which was deemed wormable on all Windows versions, including Windows XP SP2 and Windows Server 2003 SP1.”

Naraine reports, “Dave Aitel, a researcher at Immunity, said his exploits are capable of launching attacks against firewall-protected Windows XP SP2. ‘A worm is coming. This bug is just too easy to exploit,’ Aitel said in an interview with eWEEK. Aitel’s company was able to reverse-engineer Microsoft’s patch and create a working exploit in less than 24 hours. Gartner Research security analyst John Pescatore said businesses should prepare for the worst.”

Full article here.

[Thanks to many MacDailyNews Readers for the heads up.]

MacDailyNews Take: Hold on… we’re laughing too hard right now… okay, here:

If you continue to repeatedly bash yourself in the face with a baseball bat, you should obviously expect to get black eyes and broken noses. When your business or school gets hit yet again, don’t forget to trot on down to the graphics department where, as usual, you’ll find the reliable Macs that’ll allow you to continue doing business while your “genius” IT staff patches up the Windows Bad Decision yet again – until the next time, of course. Just asking, but when, if ever, will you put two and two together? Hint: drop the bat, dummy.

It’s really sad that so many people have to be wary about opening email, visiting websites, chatting with presumed “buddies,” or downloading music, photos, movies or other files over the Internet. No one should have to zealously guard their computers against spyware, viruses, trojan horses, or various other types of malware. Or run a bewildering assortment of (quickly obsolete) virus-protection apps. And no one should have to run a computer to a nearby computer store, so it can be “cleaned” on a routine basis. Do you know why people put up with that? If their cars didn’t drive where they wanted to go; their TVs didn’t play what they wanted to watch; or their phones didn’t connect to the party they called, how long would they keep using them? Apple provides more info online about Mac security here.

By the end of 2005, there were 114,000 known viruses for PCs. In March 2006 alone, there were 850 new threats detected against Windows. Zero for Mac. While no computer connected to the Internet will ever be 100% immune from attack, Mac OS X has helped the Mac keep its clean bill of health with a superior UNIX foundation and security features that go above and beyond the norm for PCs. When you get a Mac, only your enthusiasm is contagious. – Apple’s “114,000 viruses? Not on a Mac.” webpage.

Related MacDailyNews articles:
US Department of Homeland Security: patch Microsoft Windows now or risk complete system compromise – August 10, 2006
CCIA wants U.S. Dept. of Homeland Security to reconsider buying ‘insecure Microsoft software’ – August 29, 2003
U.S. Department of Homeland Security says Windows vulnerable to attack – August 01, 2003
Department of Homeland Security chose Microsoft due to time and money limitations – July 21, 2003
U.S. Department of Homeland Security awards enterprise agreement to Microsoft – July 15, 2003

Get a Mac: Viruses, spyware cost U.S. consumers $7.8 billion over last two years – August 08, 2006
Microsoft’s oft-delayed, much-pared-down Windows Vista hacked at Black Hat – August 07, 2006
Ballmer analyzes Microsoft’s One Big Mistake, Vista… er, ‘One Big’ Vista Mistake – August 02, 2006
Symantec details more security holes in Microsoft’s Windows Vista – July 26, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
What Microsoft has chopped from Windows Vista, and when – June 27, 2006
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Windows virus threatens 170-year-old Toledo newspaper’s perfect record, Apple Macs save the day – January 27, 2006
Security company Sophos: Apple Mac the best route for security for the masses – December 06, 2005
Hackers already targeting viruses for Microsoft’s Windows Vista – August 04, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
Microsoft slammed by Slammer; failed to apply their own patches – January 28, 2003

31 Comments

  1. Like with many Windows vulnerabilities, they used the patch to create the worm. So only unpatched systems are vulnerable. Microsoft’s problem is, if they leave the problem there, someone will eventually find it and wreak havoc. If they patch it, someone will take the patch and wreak havoc on unpatched systems.

    They could avoid all this trouble by writing a secure OS in the first place, but I digress…

  2. Artisticulated,

    No. They took the MS patch and used it to figure out the exploit. The exploits they created and others like them in the wild will affect unpatched systems that are vulnerable, of which there will be tens of millions.

    This could very well be a big one.

  3. Hopefully these patches are of the timed-release variety … you know, like the kind you stick on your fat belly when you’re trying to quit the cancer sticks.

    That way you’d end up with long-term relief from Microsoft’s “quality”.

  4. Now if this upcoming “worm” would just root itself so deeply and once it got on a Windoze PC and infected files so it would even get into backups of backups, corrupting files with timebombs, wiping hard drives.

    The phone would be ringing off the hook at Apple Online Sales even more than it is already.

    The FBI top brass and the White House use Macs, I wonder why?

  5. Everyone knows that Mac is far better than Windows. I am in the IT department at my work and have 300 (and maybe 5,000 in all the corporate offices) computers, and we are using special software to keep antivirus updated and to deploy patches, and it costs us so much, but the ignorants at the main office do not want us to use Macs because they are afraid of losing their jobs. If we get Macs, more than $150,000 Dlls in security software and licences will be useless, and also about 300 systems engineers will no longer be needed; that is why so many enterprises are still using Windows, because the IT guys do not want Macs in order to keep their jobs.

  6. O.K, Ampar impostor. You’re getting better.

    The real Ampar’s take:
    WBDs will eventually replace the threat of real or imagined WMDs.

    And a note to law enforcement:
    You’ll find bin Laden at the Islamabad Kinko’s with a few jihadist l33t haxorz whispering code exploits.

    MW: hard. Was that so hard?

  7. Artisticulated, this is how many vulnerabilities are exploited. Comparing the pre-patched and patched code. This gives the cracker insight in how the patch is supposed to work and points to the area of code, thereby highlighting it, that is vulnerable in the first place.

    The problem with these exploits is that:
    >Day -0: exploit identified, but not specific enough to crack by easy means.
    >Day 0: Patch released
    >Day 0-1: Exploit identified and crack developed, sometimes released in wild. (so called zero-day exploits)
    >Day 0+: Systems patched.

    You can see the problem, especially for larger institutional and enterprise users: that Patches cannot possibly be applied before the exploit is in the wild. Indeed it is SOP for most of these users to test the Patches on smaller, non-mission critical, pools of systems for stability and compatibility. It is often weeks to months before these Patches are widely applied to mission critical systems!

    This is primarily why homogenized system reliance is particularly vulnerable.

    zac

  8. Victor:
    You hit a very good point – the use of Windows allows people, particularly in IT, to keep their jobs. These same people could very well take some time to work on Macs instead and become even more valuable. Even though Macs are far superior they are still machines. Machines break down now and again so, there is still the need for someone to keep an eye on those machines.

    It also comes down to fear of change. People don’t like what they don’t understand.

    I had a hell of a time trying to get a client to switch from PowerPoint to Keynote – because of the fear of change. Now, the client swears by Keynote.

    MDN “Followed”: Help! I’m being followed by a Zune!!!

  9. Let’s please spin the ‘IT dept will lose jobs if we go Mac’ argument this way:

    It’s an OPPORTUNITY for management to pay IT staff to do productive stuff with the company computer system rather than pay them to troubleshoot all day.

    They’ll spend less time on maintenance and have time to do more with existing machines. What exactly? I don’t know. I’m not in IT but I’m sure there’s a ton that can be done. Suggestions?

  10. Akido said “They could avoid all this trouble by writing a secure OS in the first place, but I digress…”

    Microsoft is digressing also, for about 5 years and counting. With all that time, one might expect them to cook up one helluva panoramic Vista, but more likely it will be a view through a peephole.

  11. Ampar (the real one)

    Yes, but there is hope – the FairTax movement has a bill, HR 25 that would abolish the IRS and replace the freakin’ tax code with something resembling fair and sane.

    Email your congressman, or go to http://www.fairtax.org and add your voice!

    Just a friendly reminder from a rabid IRS-hater…
