Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43434
  • Total Topics: 16528
  • Online today: 3056
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 3
Guests: 2976
Total: 2979









Author Topic: After Buggy Patch, Criminals Exploit Windows Flaw in Windows 2000 (Metasploit)  (Read 4271 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Online criminals are scanning the Internet and attacking Windows 2000 machines that haven't had a recent Windows Media Service patch installed, Symantec said Wednesday.

Symantec first spotted the attacks on Monday, saying that they are extremely limited. Symantec's detection network picked up just a handful of attempts, but the code used in the attacks is new and gives hackers a way to take over a system.

The attacks are the latest development in a troublesome patch for Microsoft. The company released its MS010-025 update on April 13: http://www.microsoft.com/technet/security/bulletin/ms10-025.mspx , but was forced to reissue the patch two weeks later after discovering that its original patch didn't fix the problem.

The Metasploit open-source hacking toolkit has published code that exploits the flaw, but whoever is behind these attacks isn't using that software, Symantec Security Inteligence Manager Joshua Talbot, said in an interview Wednesday. "Somebody's done some homework on their own and developed their own exploit," he said.

When the attack works -- Symantec says that it often doesn't and simply causes the victim's computer to crash -- the attacker uploads several password logging tools, and also enables remote desktop access.

Because the attack only works on Windows 2000 users who have not blocked the Windows Media Service's port 1755 at the firewall, the vast majority of Microsoft's customers have nothing to fear.

"It's interesting to know that someone out there is taking the time to write an exploit for this and then scan for uncommon configurations," Talbot said. "People should keep that in mind, even though this isn't necessarily a very high-profile issue."

Microsoft couldn't immediately be reached for comment about the attacks.

(PCW)

Samker's Computer Forum - SCforum.info


luffy

  • SCF Member
  • **
  • Posts: 44
  • KARMA: 13
I have a laptop running Windows 2000. I only use it to play old game. No Internet access. I don't understand why people still use Windows 2000 for business?

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
I don't understand why people still use Windows 2000 for business?

In my opinion because of this ;) : "The normal thing for IT is not to muck around with something that works," said Wolfgang Kandek, chief technology officer for Qualys": http://scforum.info/index.php/topic,4219.0.html

Do you agree??

luffy

  • SCF Member
  • **
  • Posts: 44
  • KARMA: 13
I don't understand why people still use Windows 2000 for business?

In my opinion because of this ;) : "The normal thing for IT is not to muck around with something that works," said Wolfgang Kandek, chief technology officer for Qualys": http://scforum.info/index.php/topic,4219.0.html

Do you agree??
I think hacker will 100% agree to what he said. What's an idiot IT. Do not update until the whole company gets hacked. That is a lot of work to fix.

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023