http://arstechnica.com/business/news/2012/03/suspicions-arroused-as-exploit-for-critical-windows-bug-is-leaked.ars By Dan Goodin Ars Technica March 16, 2012 Attack code privately submitted to Microsoft to demonstrate the severity of a critical Windows vulnerability is circulating on the 'Net, prompting the researcher who discovered it to say it was leaked by the software maker or one of its trusted partners. The precompiled executable surfaced on Chinese-language web links such as this one on Thursday, two days after Microsoft released a patch for the hole, which affects all supported versions of the Windows operating system. The company warned users to install the fix as soon as possible because the vulnerability allows attackers to hit high-value targets with self-replicating exploits that remotely install malicious software. Microsoft security personnel have predicted exploit code will be independently developed in the next month. Luigi Auriemma, the Italian security researcher who discovered the vulnerability and submitted proof-of-concept code to Microsoft and one of its partners in November, wrote in an email that he's "100% sure" the rdpclient.exe binary was taken from the exploit he wrote. In a later blog post, he said evidence his code was copied included an internal tracking number the Microsoft Security Response Center assigned to the vulnerability. He also cited other striking similarities in the packet that triggers the vulnerability. "So yes, the pre-built packet stored in 'rdpclient.exe' IS mine," he wrote. "No doubts." [...] ______________________________________________________________________________ CISSP and CEH training with Expanding Security is the fastest, easiest way to grock the relevant data you need now. A free class invite is in every PainPill. Sign up for the free weekly PainPill . It's that easy. http://www.expandingsecurity.com/PainPillReceived on Sun Mar 18 2012 - 23:32:58 PDT
This archive was generated by hypermail 2.2.0 : Sun Mar 18 2012 - 23:36:58 PDT