Microsoft warns of exploit code for dial-up bug

Microsoft is warning users of malicious code that exploits a recently patched bug in its dial-up software.

Microsoft is warning users of malicious software that could be used to attack Windows systems that lack the company's latest security updates.

The exploit code targets a vulnerability in the Remote Access Connection Manager (RASMAN) service, used by Windows to create network connections over the telephone. The bug, which was patched June 13, is rated critical by Microsoft, the most severe rating available.

Hackers published the code on Web sites late last week, and it is now included in Metasploit, a hacking toolkit that is used by security researchers and criminals alike.

The malicious software is not as dangerous as it could be. Most firewalls will block it and it also requires that the hacker be authenticated on the computer for it to work.

Still, Windows 2000 and Windows XP Service Pack 1 users need to be wary because they could be the victims of particularly nasty attacks that do not require authentication, Microsoft said.

"The current exploit code ... requires authentication, but the underlying vulnerability does not," said Stephen Toulouse, a security program manager with Microsoft's security response center.

For any attack to work on the latest versions of other Windows systems, like XP or Windows Server 2003, the attacker would need to be able to log on to the victim's machine, Microsoft said.

Hackers will likely use the malicious software in criminal attacks since it is now in Metasploit, said Ken Williams, director of vulnerability research with CA Inc.

Complicating matters is the fact that some dial-up users have been having problems with the patch.

Computers that use Window's dial-up scripting or terminal windows to make connections may find that their dial-up connections no longer work, according to Microsoft's alert.

Users who cannot install the patch immediately should disable the RASMAN service, Microsoft said.

Over the past two weeks, Microsoft has also been contending with a number of unpatched vulnerabilities in its Office and Excel software. Microsoft has not yet patched the bugs, but it said Saturday that one of them is now expected to be patched in its next round of security updates, due July 11.

Microsoft's advisory on the malicious code can be found here.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?