Microsoft rushes to patch Windows vulnerability, hackers rush to exploit it
By Davey Winder
Monday, 27 October 2008 17:44
As we reported on Saturday Microsoft has taken the most unusual step of issuing a critical Windows security patch on a Thursday. The last time this happened was way back in April 2007 in fact.
That said it was Windows 200, XP and Server 2003 that would be most vulnerable to the remote code execution attacks if they were in receipt of the correctly crafted and malicious RPC request that could enable the running or arbitrary code without authentication.
Users of Windows Vista and Server 2008 do not escape either, as Microsoft has the patch tagged as 'important' even for them.
Unfortunately, it may be a little too late for many people. Especially those users of the older Windows systems who do not have automatic updates activated. A worm called Gimmiv has already been detected - with sample code posted online to help others exploit the security hole.
Microsoft had, one has to assume, already seen other exploits in the wild or it would not have take the emergency patching action in the first place. Unfortunately, the very act of releasing the patch in this way has alerted malicious idiots to the fact the vulnerability exists.
Since the patch announcement there has been a 25 percent increase in network scanning activity looking for this specific vulnerability. With the release of the Gimmiv source code, expect a flurry of password stealing attacks in the coming days and weeks.
It surely is just a matter of time before that code is converted into some ready made tool for the script kiddie hackers to use...
Please enable JavaScript in your browser to post your comment!
IT Institute industry certifications earn you credit towards our MBA or Master Degree qualification with Charles Sturt University. Click 
