Microsoft has revealed that more than 10,000 PCs have been hit by attacks exploiting a publicised flaw in the Windows Help and Support Center.
A post yesterday on the Microsoft Malware Protection Center’s Threat Research and Response blog highlighted that the number and frequency of attacks has changed significantly since the advisory was first released on 10 June.
“At first, we only saw legitimate researchers testing innocuous proof-of-concepts. Then, early on June 15th, the first real public exploits emerged,” wrote Holly Stewart, a senior program manager with MMPC.
“Those initial exploits were targeted and fairly limited. In the past week, however, attacks have picked up and are no longer limited to specific geographies or targets, and we would like to ensure that customers are aware of this broader distribution.”
Users in Portugal and Russia seem to have been hit the most frequently, with most falling victim to “seeing seemingly-automated, randomly-generated html and php pages” hosting the exploit, she added.
The attack was first disclosed by Google security engineer Tavis Ormandy, but security experts were quick to denounce his actions in disclosing before Microsoft had time to develop a fix.