Symantec - Hackers Intensify Attacks to Exploit Vulnerability in Windows XP & Server 2003
Symantec (an online security company) states that an unpatched vulnerability in Microsoft Server 2003 and Windows XP has been included to a multiple attack toolkit for exploitation. This inclusion of vulnerability shows that attacks will rise in future.
The security company states that the exploit of DirectShow bug, which has been circulating on the Internet and recognized by Microsoft one month back, has been added to a web-based attack toolkit. Liam Murchu, a researcher working with Symantec's security response group, says that this will result in high volume use of the exploit in a short time, as reported by Computerworld on June 22, 2008.
To exploit this flaw, hackers are presently luring users to a malicious webpage. Among other methods, hackers have become proficient in doing this by fixing iframe tags in authentic pages. This is the most explicit attack vector. It has been observed that the iframe tags point to the exploit inside phishing pages, and the insertion of iframe tags in pages is expected to rise in coming days.
The flaw exists in the code within Microsoft DirectX and can be activated by a specially designed QuickTime media file. The web pages of hackers will attempt to play the malicious QuickTime file, not accessing the QuickTime player, instead uses the Windows Media Player. This will activate the flaw and enable hackers to insert code in the visitors' systems.
Microsoft has not released fix for the DirectShow bug which attacks Windows 2000, Server 2003 and XP, but doesn't the latest Windows Vista and Server 2008. The vulnerability doesn't target upcoming Windows 7.
Microsoft Corp. says that till the last week of May 2009, attackers targeted the flaw for the third time in the last 3 months (March-May). They had already caution that attackers were exploiting an unpatched critical flaw in their software.
Further, Microsoft released a security advisory that claimed hackers had already been accessing attack code that exploited a bug in DirectX, a Windows subsystem important to games and is accessed to play streaming videos downloaded from sites.
Unlike other latest exploits of Microsoft zero days, flaws that have not been patched by the attack code come into notice the DirectShow assaults are not targeting particular businesses or individuals.
Related article: Sentence for American Contractor for Sabotaging Government Navy Computers
» SPAMfighter News - 7/3/2009
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!