With exploits in wild, Microsoft Windows braces for yet another critical worm attack

“A network worm attack exploiting a critical Microsoft Windows vulnerability appears inevitable, security experts warned Aug. 10,” Ryan Naraine reports for eWeek.

“Just days after the Redmond, Wash., software maker issued the MS06-040 bulletin with patches for a ‘critical’ Server Service flaw, Microsoft’s security response unit is bracing for the worst after exploit code that offers a blueprint for attacks began circulating on the Internet,” Naraine reports.

Naraine reports, “Even before the release of Microsoft’s patch, the US-CERT (Computer Emergency Readiness Team) warned that the flaw was being used in targeted attacks and that the appearance of public exploits is a sure sign that a worm attack is imminent.”

Naraine reports, “An exploit module was added to the HD Moore’s Metasploit Framework that could launch attacks against all unpatched Windows 2000 systems and some versions of Windows XP.”

Naraine reports, “Two penetration testing companies, Immunity and Core Security Technologies, have already created and released “reliable exploits” for the flaw, which was deemed wormable on all Windows versions, including Windows XP SP2 and Windows Server 2003 SP1.”

Naraine reports, “Dave Aitel, a researcher at Immunity, said his exploits are capable of launching attacks against firewall-protected Windows XP SP2. ‘A worm is coming. This bug is just too easy to exploit,’ Aitel said in an interview with eWEEK. Aitel’s company was able to reverse-engineer Microsoft’s patch and create a working exploit in less than 24 hours. Gartner Research security analyst John Pescatore said businesses should prepare for the worst.”

Full article here.

[Thanks to many MacDailyNews Readers for the heads up.]

MacDailyNews Take: Hold on… we’re laughing too hard right now… okay, here:

If you continue to repeatedly bash yourself in the face with a baseball bat, you should obviously expect to get black eyes and broken noses. When your business or school gets hit yet again, don’t forget to trot on down to the graphics department where, as usual, you’ll find the reliable Macs that’ll allow you to continue doing business while your “genius” IT staff patches up the Windows Bad Decision yet again – until the next time, of course. Just asking, but when, if ever, will you put two and two together? Hint: drop the bat, dummy.

It’s really sad that so many people have to be wary about opening email, visiting websites, chatting with presumed “buddies,” or downloading music, photos, movies or other files over the Internet. No one should have to zealously guard their computers against spyware, viruses, trojan horses, or various other types of malware. Or run a bewildering assortment of (quickly obsolete) virus-protection apps. And no one should have to run a computer to a nearby computer store, so it can be “cleaned” on a routine basis. Do you know why people put up with that? If their cars didn’t drive where they wanted to go; their TVs didn’t play what they wanted to watch; or their phones didn’t connect to the party they called, how long would they keep using them? Apple provides more info online about Mac security here.

By the end of 2005, there were 114,000 known viruses for PCs. In March 2006 alone, there were 850 new threats detected against Windows. Zero for Mac. While no computer connected to the Internet will ever be 100% immune from attack, Mac OS X has helped the Mac keep its clean bill of health with a superior UNIX foundation and security features that go above and beyond the norm for PCs. When you get a Mac, only your enthusiasm is contagious. – Apple’s “114,000 viruses? Not on a Mac.” webpage.

Related MacDailyNews articles:
US Department of Homeland Security: patch Microsoft Windows now or risk complete system compromise – August 10, 2006
CCIA wants U.S. Dept. of Homeland Security to reconsider buying ‘insecure Microsoft software’ – August 29, 2003
U.S. Department of Homeland Security says Windows vulnerable to attack – August 01, 2003
Department of Homeland Security chose Microsoft due to time and money limitations – July 21, 2003
U.S. Department of Homeland Security awards enterprise agreement to Microsoft – July 15, 2003

Get a Mac: Viruses, spyware cost U.S. consumers $7.8 billion over last two years – August 08, 2006
Microsoft’s oft-delayed, much-pared-down Windows Vista hacked at Black Hat – August 07, 2006
Ballmer analyzes Microsoft’s One Big Mistake, Vista… er, ‘One Big’ Vista Mistake – August 02, 2006
Symantec details more security holes in Microsoft’s Windows Vista – July 26, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
What Microsoft has chopped from Windows Vista, and when – June 27, 2006
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Windows virus threatens 170-year-old Toledo newspaper’s perfect record, Apple Macs save the day – January 27, 2006
Security company Sophos: Apple Mac the best route for security for the masses – December 06, 2005
Hackers already targeting viruses for Microsoft’s Windows Vista – August 04, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
Microsoft slammed by Slammer; failed to apply their own patches – January 28, 2003

31 Comments

  1. Now if this upcoming “worm” would just root itself so deeply and once it got on a Windoze PC and infected files files so it would even get into backups of backups, corrupting files with timebombs, wiping hard drives.

    The phone would be ringing off the hook at Apple Online Sales even more than it is already.

    The FBI top brass and the White House uses Mac’s, I wonder why?

  2. Everyone knows that Mac is far better than windows, I am at the IT department in my work and have 300 (and may be 5,000 in all the corporate offices) computers and we are using a special software to keep antivirus update and to deploy patches and it cost us so much, but the ignorants at the main office does not want us to use Macs because their are afraid of lossing their jobs. If we get mac, more than $150,000 Dlls in security software and licences will be useless, and also about 300 systems engineers will be no longer need it, that is why so many enterprises still using windows, because the IT guys does not want Macs in order to keep their jobs.

  3. O.K, Ampar impostor. You’re getting better.

    The real Ampar’s take:
    WBDs will eventually replace the threat of real or imagined WMDs.

    And a note to law enforcement:
    You’ll find bin Laden at the Islamabad Kinko’s with a few jihadist l33t haxorz whispering code exploits.

    MW: hard. Was that so hard?

  4. Artisticulated, this is how many vulnerabilities are exploited. Comparing the pre-patched and patched code. This gives the cracker insight in how the patch is supposed to work and points to the area of code, thereby highlighting it, that is vulnerable in the first place.

    The problem with these exploits is that:
    >Day -0: exploit identified, but not specific enough to crack by easy means.
    >Day 0: Patch released
    >Day 0-1: Exploit identified and crack developed, sometimes released in wild. (so called zero-day exploits)
    >Day 0+: Systems patched.

    You can see the problem, especially for larger institutional and enterprise users: that Patches cannot possibly be applied before the exploit is in the wild. Indeed it is SOP for most of these users to test the Patches on smaller, non-mission critical, pools of systems for stability and compatibility. It is often weeks to months before these Patches are widely applied to mission critical systems!

    This is primarily why homogonized system reliance is particularly vulnerable.

    zac

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.