Patch Now or Else
If you've been putting off installing the latest bundle of patches that Microsoft issued this week, it's time to reconsider. Instructions telling would-be attackers precisely how to exploit more than half of the security holes closed by the patches were released yesterday, according to alerts posted at Web site monitoring and security firm NetCraft and the SANS Internet Storm Center.
If past experience is any teacher, it likely won't be long before the bad guys start using these exploits to install spyware, viruses, etc. on vulnerable Windows machines (consider all those script-kiddie hackers on summer break from school who are bored out of their skulls just looking for something to do).
Microsoft said Thursday that there was indeed exploit code out there on the 'Net for the most serious of those vulnerabilities, a "critical" flaw in the Windows "plug and play" service that hackers could use to commandeer unpatched computers. In Internet time, it's been quite a while (*knocks on wood*) since the emergence of a really noisy and disruptive new Internet worm like Sasser or Blaster.
Both of those worms leveraged security flaws in the same Windows service wherein the plug-and-play vulnerability lies, so if there were a candidate for the next network worm, this flaw would be it. Network worms can spread without any action on the part of the victim, although personal firewall software can block such attacks, and many Internet service providers drop this type of traffic by default these days.
NetCraft notes that Microsoft has updated its advisory on the plug-and-play flaw to lash out at those responsible for releasing the exploit code, saying it is "disappointed that certain security researchers have breached the commonly accepted industry practice of withholding vulnerability data so close to update release and have published exploit code, potentially harming computer users."
Exploit instructions also are out for a series of vulnerabilities in Microsoft's Internet Explorer Web browser; again, Microsoft issued patches for the IE flaws this week. Maybe you don't have this bundle installed because of initial problems Microsoft had deploying these updates. Well, they've since fixed the problems, so no more excuses.
Finally, it appears there also are proof-of-concept exploits out for two other flaws Microsoft detailed this week, including a "critical" problem in the Windows "print spooling" service and a slightly less grave glitch in the Windows computer code for Internet telephony.