Attack code surfaces for latest Windows vulnerability
- 0
- Add a Comment
- No Related Post
“…Two examples of “exploit” code for a buffer overrun in the Windows Workstation Service were posted to security-related Internet discussion groups at the weekend. Both exploits have been tested and work, according to Dan Ingevaldson, director of X-Force at Internet Security Systems Inc. (ISS).
The Workstation Service vulnerability was disclosed by Microsoft in Security Bulletin MS03-049 on 11 November. The service is turned “on” by default in Windows 2000 and Windows XP systems and allows computers on a network to connect to file servers and network printers, Microsoft said.
Both the CERT Coordination Center at Carnegie Mellon University and ISS issued advisories last week regarding the Workstation vulnerability, warning that it was easy to exploit and well suited to use by self-spreading Internet worms.”