Microsoft says Windows flaw could bring worm attack

Microsoft is warning that attackers are exploiting a critical flaw in the Windows operating system and that the bug could be used in a worm attack.

Microsoft fixed a critical bug in its Windows operating system Thursday, saying that it is being exploited by online criminals and that it could eventually be used in a widespread "worm" attack.

Microsoft took the unusual step of issuing an emergency patch for the flaw, several weeks ahead of its regularly scheduled November security updates, saying that it is being exploited in "limited targeted attacks."

"It is possible that this vulnerability could be used in the crafting of a wormable exploit. If successfully exploited, an attacker could then install programs or view, change, or delete data; or create new accounts with full user rights," Microsoft said in a bulletin released Thursday morning.

The flaw lies in the Windows Server service, used to connect different network resources such as file and print servers over a network. By sending malicious messages to a Windows machine that uses Windows Server, an attacker could take control of the computer, Microsoft said.

Although firewalls would typically prevent this type of attack from spreading across the Internet, it could wreak havoc within corporate local area networks, much as the Zotob computer worm did back in 2005.

Zotob affected Windows 2000 systems, but this bug is rated critical for three versions of Windows: Windows 2000, Windows XP and Windows Server 2003 systems. It is rated as a less-serious flaw for the Windows Vista and Server 2008 systems, which require additional authentication from computers on the network.

Although the attack code used to exploit this flaw has not been publicly released, Microsoft felt that the bug was serious enough that it needed to rush out a patch, said Andrew Storms, director of security operations at nCircle, who has been briefed on the issue with Microsoft's security team.

"The exploits that Microsoft found were found on systems running their Microsoft security software. This is how they became aware of it," he said. "It is a successful attack, but it is not spreading like a worm at this point."

Although the attack code seems to have been used in only very targeted attacks, it could become a more widespread problem, according to Marc Maifffret, director of professional services with The DigiTrust Group. "It will really depend on whether or not someone wants to cause a bit of chaos and make a ... name for themselves," he said via instant message. "The reality is that bad guys do not like worms because they cause more people to patch."

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags windows flaw

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?