Exploit Code Arises for Latest Windows Flaws

Adding more fuel to the fears that another Windows worm is on the horizon, security experts said Tuesday afternoon that they have seen working exploit code in the wild for the latest pair of vulnerabilities in the Windows RPC DCOM interface.

The discovery of the code, which can be used to attack the two buffer overrun flaws in the interface, comes just two days after someone posted to a security mailing list exploit code for a denial-of-service weakness in the same interface. The RPC DCOM problems are particularly troubling and potentially dangerous because they affect nearly every current version of Windows, including the new Windows Server 2003. 

A previously discovered buffer overrun in the interface was exploited by the Blaster worm that tore through the Internet in August.

The newly released exploit code gives attackers the ability to get privileged access to vulnerable machines and also allows for the creation of a new account with a preset password. The exploit tool also gives attackers the option of targeting specifically configured machines, i.e., Windows 2000 Service Pack 3 or machines that have the patch for the original RPC DCOM flaw installed but the fix for the more recent vulnerabilities, according to an analysis by iDefense Inc., based in Reston, Va.

Original Article

About the author
Stephen Schwetz

Stephen Schwetz

I collect movies TV series and acronyms after my name. I am an active ADHD and Autistic, who suffers from all the trauma of trying to fit into a social system that doesn't work for the last 46 years

The Schwarrisons

A Neurodivergent Family Trying to Fit Their Square Pegs Into the Round Holes of Life

The Schwarrisons

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to The Schwarrisons.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.