Print
Discuss
Send to friend
RSS feedsAttackers have created exploits that use flaws in Microsoft Windows for which Redmond released patches only last Tuesday.
The exploits are proofs of concept, meaning that they demonstrate the flaw without causing any harm. But attackers can use the concept code to create their attacks.
The French Security Incident Response Team published details about the first exploit on Wednesday.
The code demonstrates how a specially created BMP image file in the Windows Media Player could allow an attacker to run arbitrary code on victim PCs.
Microsoft patched the vulnerability on Tuesday as part of its monthly patch release cycle. It rated the flaw as 'critical'.
Online criminals have significantly increased the speed at which they exploit newly published security flaws in software in an effort to infect systems before users update.
Such attacks typically aim to steal confidential information such as credit card information or seek to recruit new computers for botnets that are rented out to send spam and launch online extortion schemes including distributed denial of service attacks.
See also:
Devices are still failing to deliver ease of use and reliability 17 Feb 2006
As online trust is eroding, consumers shun internet businesses 16 Feb 2006
'Pin-point' products fail to look at the bigger picture, argues John Chambers 16 Feb 2006Money, not technology, can solve the sorry state of computer security 15 Feb 2006Security chips reach ubiquity in the enterprise 14 Feb 2006
February Patch Tuesday fixes at least two critical flaws 10 Feb 2006
Surprisingly low ranking in the spam charts could be down to port 25 block 10 Feb 2006All Bugs & Fixes
del.icio.us
Digg this
reddit!
