Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Bracing for Worm Attack

Posted by ryuzaki0 on from the red-alert dept.

10010010 writes "A network worm attack targeting a critical Microsoft Windows vulnerability appears inevitable. The flaw is easy to exploit, as evidenced by the quick release of an exploit module for HD Moore's Metasploit Framework. Within hours of the Patch Day release Tuesday, two pen testing companies (Immunity and Core) created and released 'reliable exploits' for the flaw, which was deemed wormable on all Windows versions, including Windows XP SP2 and Windows Server 2003 SP1."

2 of 256 comments (clear)

  1. Re:So, an Exploit For a Patch? by tomstdenis · · Score: 4, Interesting

    Sadly "properly firewalled" also means from your peers inside your network. When I was in College it was routine for viruses to spread almost instantly in the labs where we had our own system drives (e.g. not locked down). Similarly at any sufficiently large office there is bound to be at least one complete f'ing idiot who clicks on all email attachments and thinks "browsing the net commando style" is top shit.

    Tom

    --
    Someday, I'll have a real sig.
  2. Re:Not really that serious by g-san · · Score: 4, Interesting

    Nah.... tarpit. Put a listener on those ports (you windows users will have to reboot into linux for this. try it, you'll like it.) Open the connection, read from the channel, then just sit there until the remote end times out. If the worm is stupid enough it will connect back to your PC a few times. That slows them down, and doesn't cause any harm to the net. Or send back three bytes of data every 20 seconds or so... the remote end will buffer it expecting more to come and stretch the timeout even further.