Microsoft Says Windows Flaw Could Bring Worm Attack

By Robert McMillan
Thu, October 23, 2008
. What's this?

IDG News Service —

Microsoft (MSFT) fixed a critical bug in its Windows operating system Thursday, saying that it is being exploited by online criminals and that it could eventually be used in a widespread "worm" attack.

Microsoft took the unusual step of issuing an emergency patch for the flaw, several weeks ahead of its regularly scheduled November security updates, saying that it is being exploited in "limited targeted attacks."

"It is possible that this vulnerability could be used in the crafting of a wormable exploit. If successfully exploited, an attacker could then install programs or view, change, or delete data; or create new accounts with full user rights," Microsoft said in a bulletin released Thursday morning.

The flaw lies in the Windows Server service, used to connect different network resources such as file and print servers over a network. By sending malicious messages to a Windows machine that uses Windows Server, an attacker could take control of the computer, Microsoft said.

In a blog posting, Microsoft spokesman Christopher Budd said his team became aware of the attacks about two weeks ago, when it found a small number of "targeted" attacks against XP systems. Because the flaw was wormable, and since the patch could be worked up quickly, Microsoft decided to rush out its update ahead of the company's Nov. 11 security release, Budd said.

Microsoft has not rushed out an emergency patch in this fashion since April 2007, but it has done this a handful of times since 2003, when the company moved to monthly security updates. Typically, these fixes are rushed out when attackers have already begun to exploit the vulnerability in widespread attacks.

Although firewalls would typically prevent this latest attack from spreading across the Internet, it could wreak havoc within corporate local area networks, much as the Zotob computer worm did back in 2005.

Users whose firewalls block TCP (Transmission Control Protocol) ports 139 and 445 (these ports are usually blocked by home firewalls) could not be hit via the Internet, Microsoft said in a note on the problem. "In this scenario, only the machines in your local LAN will have the ability to exploit this vulnerability."

Zotob affected Windows 2000 systems, but this bug is rated critical for three versions of Windows: Windows 2000, Windows XP and Windows Server 2003 systems. It is rated as a less-serious flaw for the Windows Vista and Server 2008 systems, which require additional authentication from computers on the network.

Although the attack code used to exploit this flaw has not been publicly released, Microsoft felt that the bug was serious enough that it needed to rush out a patch, said Andrew Storms, director of security operations at nCircle, who has been briefed on the issue with Microsoft's security team.

Continue Reading

What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
White Papers »
Mobile Middleware Strategies
Learn why a mobile development platform is critical to be able to support today's complex enterprise mobility strategies. Learn what to look for in a mobile development platform and how apply these tools whether you're developing a dedicated app for one device or multiple apps running across multiple devices.
Native & HTML5 Mobile Apps: Not an either or, but a where and when
Learn how developers are using HTML5 and native development methods to build mobile apps. Get practical insights on how these tools are being used, what's driving their usage, and how to choose the best development approach for your business.
The Evolution of Enterprise Mobile App Development
Driven by explosive growth in smartphone and tablet sales, enterprise mobility has become an essential part of business. Organizations across industries are developing internal- and external-facing mobile applications that drive revenue, build brand loyalty, strengthen communication with partners, and enhance employee productivity. Learn how keeping pace in this market requires an agile, flexible, and iterative approach to application development.
AlertBoot Case Study
When AlertBoot switched to the cloud it needed a load balancing solution that would support its migration and prevent as much downtime as possible. The company chose Riverbed® Stingray™ Traffic Manager to use while transitioning its infrastructure to an entirely virtualized environment. The move was a complete success, at one-third the cost of comparable hardware solutions.
Gilt Groupe Case Study
With over 5,000 requests per second during peak periods, online retailer Gilt Groupe could lose a large percentage of its daily profits in just 10 minutes of downtime. After choosing the Riverbed® Stingray™ Traffic Manager as its load balancing solution, visits to the site have increased thanks to improved customer satisfaction. Real-time traffic views and tracking also make it easy to strategize and plan for the future.
See Tickets Case Study
With 85 percent of its ticket sales made online, See Tickets needed a robust, secure, highly accessible website. The company chose the Riverbed® Stingray™ Traffic Manager to ensure that its site was always online and fast, even during extreme peaks in traffic. Now the company's valued customers receive optimal online service.
Webcasts »
Leverage automation today to reduce IT complexity
Date: Tuesday, June 5, 2012, 2:00 PM EDT

Whether your B2B complexity is caused by multiple technologies due to M&A, business or application specific needs or traditional under investment, the net effect is usually the same: high cost and lower productivity. Enabling business-to-business (B2B) integration using point-to-point EDI translators is usually time intensive and cost prohibitive.

Join IDC's Maureen Fleming and SAP for an insightful Webcast on the different approaches companies are taking to B2B integration and how you can ask the right questions to reassess you B2B approach.
Delivery Management -- Extending Lifecycle Management
Date: Wednesday, June 20, 2012, 1:00 PM EDT

Siloed organizations continue doing the wrong things and doing things wrong, leading to increased costs, project delays, lower quality, and time-to-market delays. Providing a collaborative platform where the whole organization can prioritize, share and manage deliveries with more transparency can help the organizations make more informed decisions at all levels, and greatly improve communications and traceability between teams. Hear from application lifecycle management experts how to increase delivery efficiency and effectiveness with a new approach to Delivery Management.
Operational Analytics - Changing the Competitive Dynamics of the Business
Date/Time: June 5, 2012, 11:00 a.m., EDT, 4:00 p.m. BST / 3:00 p.m. UTC

Please join us for this webcast, as Dr. Barry Devlin, Founder and Principal, 9sight Consulting, describes what operational analytics can do for your business and reviews an architectural approach that will enable you to make it a reality.
BMC Control-M - Single Point of Control Demo
With BMC Control-M, you schedule and manage everything - down to the very last platform and application - from one simple interface. It's the foundation of workload automation, really - the ability to run application and business processes as one. Siloed job schedulers can't do it. BMC Control-M can.
Sun Chemical Customer Success Story
Sun Chemical, the world's largest producer of printing inks and pigments, quadrupled its complex batch environment with zero extra headcount using BMC Control-M's Automated File Transfer features.
Spear Phishing and the Modern Cyber Attack
Learn how IT teams can protect against spear phishing tactics. Harry Sverdlove, chief technology officer of Bit9 offers a frank discussion about spear phishing - the most common technique used in today's advanced attacks. Learn how spear phishing works and three recommendations for IT to protect against modern threats.
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

Mobile Middleware Strategies

Native & HTML5 Mobile Apps: Not an either or, but a where and when

The Evolution of Enterprise Mobile App Development

AlertBoot Case Study

Gilt Groupe Case Study

See Tickets Case Study

STA Travel Case Study

Socialbomb Case Study

Triboo Case Study

PCI DSS Compliance with Stingray Application Firewall Module

PCI DSS Compliance with Stingray Application Firewall Module

Traffic Valuation and Prioritization with Riverbed Stingray Traffic Manager

Virtualization: Benefits, Challenges, and Solutions

Dynamic Video Collaboration in SharePoint

HP Reference Configuration for Premium OLTP

Accelerate Online Transaction Processing (OLTP) database workloads

The CFO Guide to Budgeting Software

Transition from Spreadsheet Budgets to Packaged Application

Better Cash Flow Management: Recession-Proof Your Business

Deliver Cost-Effective Business Continuity with Extreme Capacity
Sponsored Links

High performance. Delivered. Click to see Accenture's client successes

Master the cloud with the power of convergence from HP

Connect with IT leaders redefining mobility at the Enterprise Mobile Hub

Choose New and manage one device instead of 170

Choose New for 8x the firewall and NAT performance

Check out a smart way of mobilizing your business with enterprise-ready Samsung Mobile.

Redefine your data center with HP servers.

Enhance your business with Windstream IT Solutions. Speak to someone local.

BlackBerry® Mobile Fusion. Different mobile devices. One platform.

CYBERMARYLAND | Learn Why Maryland is the Epicenter for Cybersecurity

Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class

Cognizant. Leading in Business, Application & Technology Services

Collaboration: driving better business outcomes

Gain cutting-edge insights at MIT in 2-5 day executive programs.

Click to see how Accenture has delivered high performance to clients

Complimentary Gartner Report on BYOD: Media Tablets & Beyond. View Now

Elevate storage agility and efficiency with HP 3PAR storage.

Choose New and slash the number of devices you manage

Customized information views & Twitter events at New Fulcrum Point

Splunk translates machine data into "aha" moments for IT and the business.

ManageEngine Desktop Central - Automate and Audit Your Desktop Management! Learn More...

Cloud Readiness Starts with Intel® Technology

Visit the Virtually There Learning Page to learn how to use virtualization to your competitive advantage.

Free: Hunter Muller's "The Transformational CIO."

Join us for an upcoming Microsoft 365 live online demo event.

Discover your easiest path to unified communications

Virtualizing Your Infrastructure Just Got Easier

Connect with global CIOs now at Enterprise CIO Forum

Resource Center
buy a link »
Ads by TechWords