Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Friday, October 10, 2008

Exploit code loose for six-month-old Windows bug

On Thursday, Microsoft revised a security advisory it first posted April 19 about a bug in Windows XP, Vista, Server 2003 and Server 2008 that could be exploited to gain additional privileges on vulnerable machines.  “Exploit code has been published on the Internet for the vulnerability addressed by this advisory,” confirmed Bill Sisk, a communications manager at Microsoft’s Security Response Center in a post to the MSRC blog.  In late March, Argentinean security researcher Cesar Cerrudo announced he had found a bug that could let attackers bypass some of the security schemes in the newest versions of the operating system, including Windows Server 2008.  “Basically, if you can run code under any service in Windows Server 2003 then you can own Windows,” he added.  Microsoft has yet to issue a fix for the flaw; since April its own move has been to recommend work-arounds for customers running Internet Information Services.

“We will continue to monitor the situation and post updates to the advisory and the MSRC blog as we become aware of any important new information,” he said yesterday.

Also on Thursday, Microsoft published its monthly pre-patch notice outlining what would be fixed next week.  Although six of the 11 expected updates will affect Windows, and two of those six will affect the editions called out by the April advisory, Microsoft does not provide enough detail prior to patching to determine whether one of those will fix the privilege elevation flaw.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9116924&source=NLT_PM&nlid=8

Posted on 10/10
WarningsPermalink