Slashdot Mirror

← Back to Stories (view on slashdot.org)

Attack Code Found For Recent Windows Bug

Posted by Soulskill on Tuesday October 28, 2008 @10:23AM from the oh-by-the-way dept.

CWmike writes "Just a day after downplaying the vulnerability that caused it to issue an out-of-cycle patch last week, Microsoft warned customers late yesterday that exploit code had gone public and was being used in additional attacks. 'We've identified the public availability of exploit code that now shows code execution for the vulnerability addressed by MS08-067,' said Mike Reavey, operations manager of Microsoft's Security Response Center, in a post to the MSRC blog. 'This exploit code has been shown to result in remote code execution on Windows Server 2003, Windows XP, and Windows 2000.'"

3 of 184 comments (clear)

Min score:

Reason:

Sort:

Clarification by Raconteur · 2008-10-28 10:48 · Score: 5, Informative

Just in case the /. entry seemed as ambiguous to you as it did to me, the linked article states "Our investigation has shown that it does not affect customers who have installed the update."
Re:Another out-of-cycle patch is coming, right? by TubeSteak · 2008-10-28 10:48 · Score: 5, Informative

No, this is the same exploit we talked about before.
If you patched on the 23rd, you should be fine.

--
[Fuck Beta]
o0t!
Microsoft didn't downplay this by Anonymous Coward · 2008-10-28 11:17 · Score: 5, Informative

Instead they issued an out-of-cycle patch and they gave it a very high severity rating in their bulletins. None of us are Microsoft lovers. But you don't have to lie to us just to be able to pat us on the back. It's disgusting, please stop it.