Last week Microsoft confirmed a flaw exists in its implementation of Abstract Syntax Notation (ASN) which could be exploited by an attacker to remotely run malicious code and take control of the target. ASN is used to describe communications protocols, and used indirectly by a multitude of services on Windows platforms.
All versions of Windows are affected, and Microsoft has released a patch, some six months after being notified of the flaw by researchers eEye Digital.
A report from Gartner, written by analysts including senior security analyst John Pescatore, warns the ASN vulnerability "presents attackers with the opportunity to unleash another MSBlast-class worm outbreak...mass attacks will almost inevitably attempt to exploit this vulnerability within the next few weeks."
Last August Blaster spread across the world in a matter of hours, bringing networks to a crawl as it scanned for new targets, and launched a denial of service attack against windowsupdate.com.
The patch is available from Microsoft here: http://www.microsoft.com/technet/security/bulletin/MS04-007.asp
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
