Network News

X My Profile
View More Activity

Exploits Released for Newly Patched Windows Flaws

If you're a Windows user and have been putting off installing the latest round of patches Microsoft issued Tuesday, it's time to stop procrastinating: Programs that demonstrate how attackers might weild several of the flaws addressed by those patches have been posted publicly online, and it's only a matter of time before the bad guys start using them to break into vulnerable computers.

At least four different exploits have been found, two of which exploit a weakness in Windows Media Player, and another pair that target a problem with the Microsoft plug-in that extends some Media Player features to non-Microsoft browsers like Firefox and Opera. Security Fix had a writeup about these patches on Tuesday.

Many people who use Windows Update and Microsoft's automatic update service reported problems installing one of Tuesday's fixes, MS06-007. One of my Windows PCs that is configured to download patches automatically also had this problem, and the patch did not install. If anyone cares, Microsoft has an entry on its blog that explains how that happened. Anyway, they fixed the problem, and when I turned my machine on today it downloaded and installed the patch successfully.

The previously problematic patch applies to Windows XP and Windows Server 2003. If you're using either of these operating systems, you should be able to verify that this patch is installed by going to Add/Remove Programs from the Windows control panel (making sure that the "show updates" box is checked). Scroll down to the bottom of the list of installed programs, and you should see a bunch of "Security Update" entries. This particular patch is identified as "Security update for Windows XP (KB913446)." If you're an XP user and don't see the patch installed, head on over to Microsoft Update.

By Brian Krebs  |  February 17, 2006; 3:01 PM ET
Categories:  Latest Warnings  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: New Mac Worm Spreads Via Bluetooth
Next: Just Your Basic Windows User


Funny that recently you posted about virus naming schemes needing to get consistent. MS hasn't picked up on this, as it's very confusing to have two different names for the same update (KB913446 and MS06-007). Especially since the latter name reveals exactly how buggy MS has been this year thus far.

Posted by: Michael | February 17, 2006 5:16 PM | Report abuse

Wanted to commend you, Brian, on your EXCELLENT piece about 0x80 and the ecosystem that drives spam.

Having said that, informative articles like these do a MASSIVE disservice to all those working hard to minimize virus exploitation by designing better browsers, like Opera and Firefox and Safari, and and more secure OS systems like Mac OS X...

Not making it explicit to readers that not using IE and/or Windows would immediately insulate you from 99% of viruses is strange... It would be like reporting on the dangers and fatalities of SUV tire blowouts by not mentioning that it was only Firestone tires and and Ford Explorers that would get you killed...not all tires or all SUVs.

Please consider adding this info to help all those "clueless" Windows PC users that 0x80 so derisively mentions in your impressive article...

Posted by: KT | February 17, 2006 7:07 PM | Report abuse

KT- thanks for the kind words. However, I don't think it's accurate to say that I haven't warned people about the problems inherent in IE. I recently ran a series of blog posts (and stories in the paper) about patch delays for Windows and IE. In fact, just a few days ago, we ran a browser calendar
that compared the security of Firefox vs. IE in 2005.

Posted by: Bk | February 18, 2006 11:27 AM | Report abuse

Glad to find your post, I just wish I could get the patches to install. My system has been trying to install Security Update for Windows XP (KB913446) since Tuesday and keeps failing. Of course the irony is that I have my system set to download, but NOT auto-install anything, so that makes no sense.

I tried it again, rebooted and tried again, still no luck.

When I go to Windows Update it just keeps trying and failing to install
Windows Genuine Advantage Validation Tool (KB892130). Did they revise that or something? This is by no means a new system and I've installed plenty of patches over the past 2+ years.

Well, at least I only use MSIE for updates. I switched to Firefox over a year ago.

Manually installing KB913446 from the link in the blog post did finally work. Now if only the other one would work.

Brian, looks like you need a challenge code to block spam posts here. At least you have the nofollow tags going to prevent any real gain by these creeps.

Posted by: John Martel | March 16, 2006 7:58 PM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company