The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Time to Upgrade – Huge Worm Hole found in Windows 2000

Posted by Xavier Ashe on August 5, 2005

The vulnerability in Microsoft's operating system could enable
remote intruders to enter a PC via its Internet Protocol address, Marc
Maiffret, chief hacking officer at eEye Digital Security, said on
Wednesday. As no action on the part of the computer user is required,
the flaw could easily be exploited to create a worm attack, he noted.

What may be particularly problematic with this unpatched security hole is that a work-around is unlikely, he said.

“You can't turn this (vulnerable) component off,” Maiffret said. “It's always on. You can't disable it. You can't uninstall.”

eEye declined to give more details on the flaw or the Windows 2000
component in question. As part of company policy, it does not release
technical details of the vulnerabilities it finds until the software's
maker has released either a patch or an advisory.

Get the story at C|Net News.  Anoter report over at SecurityFocus.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: