OT, Yes. Old news, No.
The fact that a group just put an exploit in the wild is something that I would like to read about. I don't install and reboot our server for every single patch that MS releases. Remember this patch has only been released 9 days. Not months like the SQL patch. Luckily, I did just install this and reboot Sunday morning and Yes our firewall will block this as well. Better to be safe, than sorry. Thanks Bruce for posting the news. Scott Tuesday, July 29, 2003, 3:06:05 PM, you wrote: ISPhuset> havent you blocked this in your firewall already or run the fix you only have yourself to blame if you get hit ISPhuset> This is old News and way of topic for this forum ISPhuset> Benny ISPhuset> -----Original Message----- ISPhuset> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bruce Barnes ISPhuset> Sent: 29. juli 2003 22:52 ISPhuset> To: [EMAIL PROTECTED] ISPhuset> Subject: [IMail Forum] Group Posts Program That Exploits Windows ISPhuset> Sorry to violate Associated Press' copyright, but this needs to be brought ISPhuset> to everyone's attention ASAP! ISPhuset> The original story is located on the eWeek web site at: ISPhuset> http://www.eweek.com/article2/0,3959,1203788,00.asp ISPhuset> Bruce Barnes, ISPhuset> ChicagoNetTech ISPhuset> July 26, 2003 ISPhuset> Group Posts Program That Exploits Windows ISPhuset> By Helen Jung, AP Business Writer ISPhuset> SEATTLE-A group in China released a program Friday that lets hackers exploit ISPhuset> a flaw in Microsoft software and take over a victim's computer over the ISPhuset> Internet. ISPhuset> The program, released nine days after Microsoft Corp. announced the flaw, ISPhuset> has turned an embarrassment for the company and inconvenience for customers ISPhuset> into a near-emergency. ISPhuset> The program, posted on the group's Web site, takes advantage of a ISPhuset> vulnerability in nearly all versions of Microsoft's Windows operating ISPhuset> system, including Windows Server 2003, touted as Microsoft's safest ever. ISPhuset> The Redmond software giant has urged corporate and home users to download a ISPhuset> free software fix, but many consumers-particularly companies with hundreds ISPhuset> or thousands of computers at risk-probably have not yet done so, said Marc ISPhuset> Maiffret, co-founder of eEye Digital Security Inc. of Aliso Viejo, Calif. ISPhuset> "Three times a year, there are (flaws) this bad," Maiffret said. "This is ISPhuset> one of those times." ISPhuset> The flaw, discovered by western Poland researchers called the "Last Stage of ISPhuset> Delirium Research Group," affects Windows technology used to share data ISPhuset> files across computer networks. It can allow attackers to seize control of a ISPhuset> victim's computer, letting them steal data, delete files and access e-mails. ISPhuset> The flaw is an embarrassment to a company that has dedicated millions of ISPhuset> dollars to its highly trumpeted Trustworthy Computing initiative, in which ISPhuset> Microsoft has been emphasizing security in writing code. ISPhuset> The Chinese group, Xfocus, did not contact Microsoft before posting the ISPhuset> sample code, said Jeff Jones, Microsoft's senior director of Trustworthy ISPhuset> Computing security. ISPhuset> "We continue to believe that publication of exploit code in cases like this ISPhuset> is not good for customers," Jones said. ISPhuset> Xfocus, described on its Web site as a nonprofit and free technology ISPhuset> organization founded in 1998, did not immediately return an e-mail request ISPhuset> for comment sent Friday by The Associated Press. ISPhuset> Russ Cooper, of Herndon, Va.-based TruSecure Corp., questioned why the group ISPhuset> chose to post the code. "I don't understand the point behind doing this," he ISPhuset> said. "This isn't healthy for the 'Net at all." ISPhuset> So far, Microsoft has not heard of any instances of the code being used. ISPhuset> Microsoft said companies with strong firewalls commonly block the type of ISPhuset> data connections that outside hackers would need for such attacks. ISPhuset> But Cooper said there are other ways to breach firewalls. He said attackers ISPhuset> could gain access by targeting legitimate users who connect into the ISPhuset> computer network from an unsecured remote location. ISPhuset> He added that the code can be used to attack one site at a time but that he ISPhuset> expects someone will soon "make the leap to turn this code to a worm" that ISPhuset> could attack Internet sites randomly, en masse. ISPhuset> Copyright 2003 Associated Press. All rights reserved. This material may not ISPhuset> be published, broadcast, rewritten, or redistributed. ISPhuset> To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html ISPhuset> List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ ISPhuset> Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ ISPhuset> To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html ISPhuset> List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ ISPhuset> Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ -- Scott mailto:[EMAIL PROTECTED] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
