Microsoft is gearing up for a disruptive attack, "similar to the Zotob worm that hit several high-provide targets in August 2005," says eWeek.
At the time, F-Secure's Mikko Hyppönen wrote of the worm, "this one was using a brand new exploit against a brand new vulnerability: the MS05-039 PnP hole."
Now, anyone using Microsoft Windows, users, especially businesses running Windows 2000, should pay attention to a special warning about exploit code that zeroes in on a vulnerability Microsoft has labeled "critical".
The code was released by security consultant H.D. Moore, "as part of the Metasploit Framework, an open-source tool for penetration testing and exploit development," says the story.
Microsoft's security response unit, "is strongly urging" Windows users to patch vulnerabilities detailed in MS06-025, "because of the potential for a worm attack," says the story, going on:
"The MS06-025 bulletin provides fixes for a pair of code execution flaws in the RRAS (Routing and Remote Access Service) in Windows. On Windows 2000 systems, the flaws carry a "critical" rating because it presents a remote unauthenticated attack vector.
"Both flaws could allow a remote attacker to take "complete control" of an affected system and because of the "blow-by-blow" description of the exploit, "Microsoft is bracing for the possibility of a disruptive attack similar to the Zotob worm that hit several high-provide targets in August 2005," says eWeek.
Patches for Microsoft Windows Server 2003, Windows Server 2003 Service Pack 1, and Windows Server 2003 x64 Edition also apply to Windows Server 2003 R2, says Microsoft, also pointing out Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me) aren't affected.
Also See: Zotob worm - Zotob creators arrested, August 27, 2005 brand new exploit - Zotob worm outbreak, August 23, 2005 eWeek - 'Detailed Exploit' Published for Critical Windows Flaw, June 26, 2006
