Stan Beer
Thursday, 10 August 2006 16:40
In a rare acknowledgement by a US Government agency of a critical software security bug, the US Computer Emergency Readiness Team (US-CERT) has issued an alert about one of the critical Microsoft Windows bugs addressed in the software company's August Patch Tuesday fixes.
The software flaw, labelled MS06-040 in the Microsoft Security Bulletin, concerns the Server service, which handles the sharing of resources such as storage and printers on networks.
The flaw is considered so serious that security specialists have rated it the worst of the 23 vulnerabilities, including 16 critical flaws, for which patches were issued this week.
The problem identified by US-CERT is a stack-based buffer overflow in the Microsoft Server service. If a remote attacker sends a specially crafted packet to a vulnerable Windows system, the attacker could trigger the overflow and remotely execute code on the target system.
"A remote, unauthenticated attacker may be able to execute arbitrary code with SYSTEM privileges," US-CERT states on its website.
US-CERT says it has received reports that the vulnerability is being actively exploited, and some specialists say that targets may not even know they have been hacked.
Microsoft itself has acknowledged that MS06-040 stands above the other vulnerabilities identified this month and recommends that users give priority to patching MS06-040 ahead of the other critical flaws.