Cyber Security Institute
§ Current Worries
Top 3 Worries
- Regulations
- Old Firewall Configurations
- Security Awareness
§ Listening
For the best information
- The underground
- Audible
- Executive Excellence
- Music (to keep me sane)
§ Watching
For early warnings
- 150 Security Websites
- AP Newsfeeds
- Vendors
Thursday, May 25, 2006
Exploit Of Windows 2000 Zero-Day To Hit In June
Symantec warned its enterprise customers that an unpatched vulnerability in Windows 2000’s file sharing protocol has surfaced, with details of an exploit expected to show next month.
By Immunity researcher Dave Aitel’s account, the exploit leverages a flaw in the operating system’s kernel that can be triggered through SMB, and will give an attacker full access to the PC. “An official security update from Microsoft will likely not be in development until after June when the information is released.”
Windows 2000 was last patched against an SMB vulnerability in June 2005.