{"id":398,"date":"2006-08-12T04:56:07","date_gmt":"2006-08-11T21:56:07","guid":{"rendered":""},"modified":"2006-08-12T04:56:07","modified_gmt":"2006-08-11T21:56:07","slug":"windows-worm-warnings-no-joke","status":"publish","type":"post","link":"https:\/\/deepquest.code511.com\/blog\/2006\/08\/windows-worm-warnings-no-joke\/","title":{"rendered":"Windows Worm Warnings No Joke"},"content":{"rendered":"<p>As the spotlight on a dangerous Windows vulnerability grows brighter by the hour, security analysts Thursday said that it&#8217;s not hype driving the alarms, but genuine fear that a major worm attack is just days away.<br \/>\n&#8220;This is no drill,&#8221; said Mike Murray, director of research at vulnerability management vendor nCircle. &#8220;And no, this isn&#8217;t an overreaction. We&#8217;ve always said that some day there would be another big, serious vulnerability.<\/p>\n<p>&#8220;Well, this is the one.&#8221;<!--more--><\/p>\n<p>The bug in question is one of 23 patched Tuesday by Microsoft, and one of 16 tagged by the Redmond, Wash. software developer as &#8220;critical.&#8221; It affects all currently-supported versions of Windows, can be exploited without end users lifting a finger, and in some experts&#8217; eyes, rivals the bug that led to 2003&#8217;s destructive MSBlast attack.<\/p>\n<p>Recent developments have turned up the heat over the vulnerability spelled out in Microsoft&#8217;s MS06-040 security bulletin. Wednesday, Department of Homeland Defense (DHS) called out a rare warning, and Microsoft acknowledged that the patch should be at the top of every computer user&#8217;s or administrator&#8217;s to-do list.<\/p>\n<p>Wednesday, the DHS, which also operates the United States Computer Emergency Readiness Team (US-CERT), took the unusual step of issuing its own warning. &#8220;Windows users are encouraged to avoid delay in applying this security patch,&#8221; said the DHS release. &#8220;This vulnerability could impact government systems, private industry, and critical infrastructure, as well as individual and home users.&#8221;<\/p>\n<p>Earlier that day, Microsoft said &#8220;we are recommending that customers give priority to MS06-040.&#8221;<\/p>\n<p>Thursday&#8217;s deepening concern was fueled by several releases of new exploit code. HD Moore, co-creator of the Metasploit Framework, took his exploit for the MS06-040 vulnerability public early in the day. Later, after Symantec&#8217;s research team confirmed that Moore&#8217;s code, which targets Windows 2000, XP, and Server 2003, results in a denial-of-service (DoS) attack, repeated its previous warning to &#8220;patch as soon as possible.&#8221;<\/p>\n<p>Other analysts agreed, and more.<\/p>\n<p>&#8220;Because it&#8217;s been added to the Metasploit Framework, a lot of hackers will be look at [Moore&#8217;s exploit code],&#8221; said Ken Dunham, the rapid response team director at security intelligence firm VeriSign iDefense. &#8220;With some tweaking, his code could potentially be turned into a worm.&#8221;<\/p>\n<p>The availability of exploit code, even rudimentary code that doesn&#8217;t yet let an attacker hijack a PC, along with the scope of the vulnerability, means that it&#8217;s guaranteed MS06-040 will get lots of attention. But whether it ends up as a worm ala 2003&#8217;s MSBlast is still uncertain, Dunham said.<\/p>\n<p>more from [url=http:\/\/www.techweb.com\/wire\/security\/191901665;jsessionid=ZJFAQAJIQMSV0QSNDLRCKH0CJUNN2JVN]Tech Web[\/url]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Windows Worm Warnings No Joke<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[6],"tags":[],"class_list":["post-398","post","type-post","status-publish","format-standard","hentry","category-m"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4bBYZ-6q","_links":{"self":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts\/398","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/comments?post=398"}],"version-history":[{"count":0,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts\/398\/revisions"}],"wp:attachment":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/media?parent=398"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/categories?post=398"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/tags?post=398"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}