Exploits in the wild for Microsoft Workstation Service flaw

By

Two in-the-wild exploits for the Microsoft Workstation Service vulnerability appeared today, two days after the dangerous flaw was patched as part of the software giant's monthly fix cycle, researchers said.

Exploits in the wild for Microsoft Workstation Service flaw
IT security experts had predicted the memory corruption bug, which allows for attackers to assume control of an affected system and execute remote code just by gaining authentication, would soon be actively exploited after the fix. The flaw was not widely known until it was patched.

Many security firms agreed the bug was the most critical of the nine vulnerabilities patched because it affects Windows 2000 and XP platforms, leverages ports that are critical to organisations and could be used in a worm attack.

"It's not a client-side vulnerability," Jonathan Bitle, manager of technical accounts for Qualys' vulnerability research team, told SCMagazine.com today. "It's a true remotely exploitable vulnerability."

A Microsoft spokesperson told SCMagazine.com that company researchers are aware of publicly published exploit code and they are attempting to confirm its validity before issuing an advisory.

The spokesperson added that the vulnerability is rated "critical" only on Windows 2000 and carries a "low" severity on Windows XP Service Pack 2 editions.

Enterprises are urged to patch their systems as soon as possible because an available work-around, blocking access to well-known ports 139 and 445, would block business functions such as data sharing, Bitle said.

One goal of attackers might be to add infected systems to their armies of botnets, he said.

Click here to email Dan Kaplan.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
exploitsflawforinmicrosoftsecurityservicethewildworkstation

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?