Malware targets holes Microsoft already plugged
,----[ Quote ]
| The Sans Internet Storm Centre has warned of exploit code for three
| vulnerabilities Microsoft plugged earlier this month.
|
| Microsoft had slapped a severity rating of 'critical' on two of the
| exploited vulnerabilities, when plugging them.
|
| [...]
|
| The first flaw affects the Server component of Windows that could allow
| an attacker to take control of a system. Virus-busting McAfee warned
| that hackers could exploit the hole to launch a worm outbreak.
|
| [...]
|
| A second exploit targets a vulnerability in the DHCP Client Service
| that could lead to a buffer overflow, allowing an attacker to take
| control of a system. The flaw affects several versions of Windows
| including XP and Server 2003.
`----
http://www.theinquirer.net/default.aspx?article=33246
Worth repeating:
Even Vista is found to be hijackable, 6 months before its release.
,----[ Quote ]
| "We discovered a number of implementation flaws that continued to allow
| a full machine compromise to occur," Matthew Conover, principal
| security researcher at Symantec, wrote in the report titled "Attacks
| against Windows Vista's Security Model."
`----
http://news.zdnet.com/2100-1009_22-6097976.html
This does not even involve Office or any addon software.
|
|
