Slashdot Mirror

← Back to Stories (view on slashdot.org)

Exploits Circulating for Latest Windows Holes

Posted by CmdrTaco on from the netcraft-confirms-that-trolls-are-uncreative dept.

1sockchuck writes "Exploits are already circulating for at least two (and possibly four) of the Windows security holes addressed in Microsoft's updates on Tuesday. Several working exploits have been released for a new vulnerability in Windows Plug and Play technology, which could be used to spread a worm targeting Windows 2000 machines, according to eEye security, which has released a free scanner to help network admins identify vulnerable computers."

9 of 185 comments (clear)

  1. Re:Registration form privacy information at eEye by Anonymous Coward · · Score: 1, Informative

    enjoy

  2. link by Anonymous Coward · · Score: 2, Informative

    right here

    -WH

  3. nessus plugins available by sgt+scrub · · Score: 3, Informative

    If you need to test the machines on your network Nessus http://nessus.org/ has released plugins.

    --
    Having to work for a living is the root of all evil.
    1. Re:nessus plugins available by ninja_assault_kitten · · Score: 1, Informative

      Yes, and you have to be a direct feed user to get them. At least for the next several days.

  4. Re:And Linux doesen't?!?!? by chez69 · · Score: 2, Informative

    the enterprise versions are supported for 3 years. fedora is just a testbed, most of the folks that use it (including me) realize this.

    if you want long term support, buy something that has it.

    --
    PHP is the solution of choice for relaying mysql errors to web users.
  5. Here's some news for you, chum. by Anti-Trend · · Score: 3, Informative

    First of all, Linux distros support every package on the system, not just the core files like MS update. That means perl, MySQL, apache, even the modules for apache. Everything. With that in mind, compare the Secunia security reports for Mandrake 10.0 and Windows XP Pro 10.0, which hit the market at about the same time. Have a look at the amount of unpatched vulnerabilities in both and see if you can still come to the same conclusions. Sheesh!

    --
    Working in a DevOps shop is like playing in a band made up entirely of keytarists.
  6. Re:It is interesting that... by Anonymous Coward · · Score: 1, Informative

    From http://begthequestion.info/ --

    'The phrase "begging the question", or "petitio principii" in Latin, refers to the "question" in a formal debate -- that is, the issue being debated. In such a debate, one side may ask the other side to concede certain points in order to speed up the proceedings. To "beg" the question is to ask that the very point at issue be conceded, which is of course illegitimate.'

  7. Re:It is interesting that... by mcmonkey · · Score: 2, Informative

    http://www.datanation.com/fallacies/begging.htm

    http://skepdic.com/begging.html

    http://www.randomhouse.com/wotd/index.pperl?date=1 9970627

    It's a form of circular reasoning.

  8. source code by Anonymous Coward · · Score: 1, Informative
    im not a fan of eeye so here is the source code of the exploit for people to play with.

    its not in the wild its in the public domain now http://seclists.org/lists/pen-test/2005/Aug/0183.h tml anyone who wants the binary for the scanner check below

    http://www.eeye.com/html/Research/Tools/exe/Retina UMPNP.exe