[ISN] More worms likely: expert

From: InfoSec News (isn@private)
Date: Mon Aug 22 2005 - 01:15:12 PDT


http://www.smh.com.au/news/breaking/more-worms-likely-expert/2005/08/19/1123958226299.html

By Sam Varghese
August 19, 2005 

More worms could be in the works to exploit unpatched vulnerabilities 
in Microsoft's products, a US security professional says.

Marc Maiffret, chief hacking officer of eEye Digital Security, said
two critical flaws, among eight discovered by the company [1], could
be exploited by worms.

The details of all eight have been posted on the company's website. 
Maiffret would not specify which of the eight were open to remote 
exploits.

"Two of them are remotely exploitable and they are also both on the 
magnitude of the PNP vulnerability," Maiffret said, referring to the 
flaw in Microsoft Windows which was exploited by the Zotob worm and 
numerous other variants over the past week.

"But you never know with worms, (it) really just depends if there is 
someone that cares to write one."

eEye follows a policy of releasing limited information about a 
vulnerability publicly while sending full details to the vendor.

Although the company considers 60 days sufficient time to 
fix any flaw, it discloses full details of a bug only after the vendor 
has released a fix.

Full details of the eight vulnerabilities in Microsoft products have 
been sent to the vendor, one as long as four months ago.

Two vulnerabilities in the Real Audio player and one in Macromedia's 
products have also been listed.

eEye first shot to prominence in 2001 when it discovered a 
vulnerability in Microsoft's IIS web server which was later exploited 
by a worm named Code Red, causing major problems on the internet.

[1] http://www.eeye.com/html/research/upcoming/index.html



_________________________________________
Attend ToorCon 
Sept 16-18th, 2005
Convention Center
San Diego, California
www.toorcon.org 



This archive was generated by hypermail 2.1.3 : Mon Aug 22 2005 - 01:37:23 PDT