
It seems that last Tuesday's security update has been
compromised by malware authors who have created an exploit for it...However, luckily the exploit only works on systems running Windows 2000 or Windows XP without any service packs or service pack 1.
The attack uses a vulnerability that Microsoft described in security bulletin MS06-040. It describes a buffer overflow vulnerability in the Windows Server component, affecting Windows 2000, Windows XP and Windows Server 2003. Attackers can contact the affected component through TCP ports 139 and 445. Both ports are used for NetBIOS sessions including Windows File and Printer sharing.
Bojan Zdrnja with the SANS Internet Storm Center and a security researcher for the University of Auckland warned that the code will cause more widespread attacks as less sophisticated virus writers start creating copy-cat malware.






Comment Preview