January 30, 2008 10:03 AM PST
http://www.news.com/8301-10789_3-9861236-57.html
Video http://www.immunityinc.com/documentation/ms08_001.html
Posted by Robert Vamosi
If you needed further proof that you should always patch Microsoft Windows when Microsoft tells you to do so, there's an exploit that will target Windows XP and Windows Vista systems lacking Microsoft's first patch of 2008.
Security firm Immunity has provided its customers a workable exploit of the TCP/IP (Transmission Control Protocol/Internet Protocol) vulnerability. This is standard practice for subscribers to see whether their system is vulnerable to an attack. However, the presence of an exploit (even one provided under contract) increases the likelihood that someone may offer it or something like it for free on the Internet.
Details of the exploit remain hidden behind a registration system, but a public video is available.
A successful exploit could allow an attacker to take complete control of an affected system and, according to Microsoft, "install programs; view, change, delete data; or create new accounts with full user rights."
If you haven't updated your system with the latest Microsoft patches, you can download MS08-001 here, or update your whole system here.
留言列表
