Exploit code has started appearing on hacking websites for a critical
Microsoft flaw less than
three days after the patch was released.
The patch
(MS05-039)
addresses a flaw in the Windows Plug-and-Play system, which automatically
recognises and configures devices as they are plugged in to the computer.
Security testers at
eEye claim to have found two
separate examples of working exploit code in the past few hours that could give
full control of a target PC.
"On discovering two instances of exploit code online, the research team
conducted thorough testing to confirm that both present a legitimate threat to
Windows 2000 systems (completely patched Service Pack 4 with all hotfixes),"
said the company in an alert.
"One exploit, released by an anonymous author, will bind a command prompt to
TCP port 8721. Users should consider this patch highly critical, and should
install it as soon as possible."
Computers running Windows XP and Server 2003 are also at risk, although the
exploit is more difficult to use on these machines. Microsoft is urging all
users to apply the patch as quickly as possible.
EEye has a
free
scanning utility for computer users to test whether they are vulnerable.
Do you agree?
Have your say on this article