http://arstechnica.com/business/news/2012/03/suspicions-arroused-as-exploit-for-critical-windows-bug-is-leaked.ars
By Dan Goodin
Ars Technica
March 16, 2012
Attack code privately submitted to Microsoft to demonstrate the severity
of a critical Windows vulnerability is circulating on the 'Net,
prompting the researcher who discovered it to say it was leaked by the
software maker or one of its trusted partners.
The precompiled executable surfaced on Chinese-language web links such
as this one on Thursday, two days after Microsoft released a patch for
the hole, which affects all supported versions of the Windows operating
system. The company warned users to install the fix as soon as possible
because the vulnerability allows attackers to hit high-value targets
with self-replicating exploits that remotely install malicious software.
Microsoft security personnel have predicted exploit code will be
independently developed in the next month.
Luigi Auriemma, the Italian security researcher who discovered the
vulnerability and submitted proof-of-concept code to Microsoft and one
of its partners in November, wrote in an email that he's "100% sure" the
rdpclient.exe binary was taken from the exploit he wrote. In a later
blog post, he said evidence his code was copied included an internal
tracking number the Microsoft Security Response Center assigned to the
vulnerability. He also cited other striking similarities in the packet
that triggers the vulnerability.
"So yes, the pre-built packet stored in 'rdpclient.exe' IS mine," he
wrote. "No doubts."
[...]
______________________________________________________________________________
CISSP and CEH training with Expanding Security is the fastest, easiest way
to grock the relevant data you need now. A free class invite is in every
PainPill. Sign up for the free weekly PainPill . It's that easy.
http://www.expandingsecurity.com/PainPill
