[ISN] Critical Windows bug could make worm meat of millions of high-value machines

From: InfoSec News <alerts_at_private>
Date: Wed, 14 Mar 2012 00:34:14 -0500 (CDT)
http://arstechnica.com/business/news/2012/03/remote-desktop-bug-in-windows-makes-worm-meat-of-high-value-machines.ars

By Dan Goodin
Ars Technica
March 13, 2012

Microsoft has plugged a critical hole in all supported versions of 
Windows that allows attackers to hit high-value computers with 
self-replicating attacks that install malicious code with no user 
interaction required.

The vulnerability in the Remote Desktop Protocol is of particular 
concern to system administrators in government and corporate settings 
because they often use the feature to remotely trouble-shoot e-mail 
servers, point-of-sale terminals and other machines when they experience 
problems. RDP is also the default way to manage Windows machines that 
connect to Amazon's EC2 and other cloud services. That means potentially 
millions of endpoints are at risk of being hit by a powerful computer 
worm that spreads exponentially, similarly to the way exploits known as 
Nimda and Code Red did in 2001.

"This type of vulnerability is where no user intervention or user action 
is required and an attacker can just send some specially crafted packets 
or requests, and because of which he or she can take complete control of 
the target machine," Amol Sarwate, director of Qualys' vulnerability 
research lab, said in an interview. While RPD is not enabled by default, 
he said the number of machines that have it turned on is a "big concern" 
because it is so widely used in large organizations and business 
settings.

The bug affects Windows XP and all versions of Windows released since, 
including the developer preview of Windows 8. It was privately reported 
by Luigi Auriemma, an Italian security researcher who frequently focuses 
on vulnerabilities in industrial control systems and SCADA, or 
supervisory control and data acquisition, systems used to control dams, 
gasoline refineries, and power plants. Microsoft said there's no 
indication the vulnerability is being used in the public to attack 
Windows users at the moment, but the company predicts that could change.

[...]


______________________________________________________________________________
ISSMP, CISSP, and Certified Ethical Hacker training with Expanding Security
gives the best training and support.  Get a free live class invite weekly.
Best program, best price. http://www.ExpandingSecurity.com/PainPill
Received on Tue Mar 13 2012 - 22:34:14 PDT

This archive was generated by hypermail 2.2.0 : Tue Mar 13 2012 - 22:29:30 PDT