Cyber Criminals Target Windows 2000 Sans Windows Media Service Patch
According to the security software firm Symantec, cyber criminals are searching the Internet to find Windows 2000 computers which don't have the latest Windows Media Service patch so they can conveniently attack the vulnerable systems, as reported by PCWorld on June 2, 2010.
Since Microsoft released the patch, the update proved troublesome as attacks still continued. The company issued the update, MS010-025 on April 13, 2010; however, it failed to repair the problem. After two weeks, Microsoft had to re-issue it.
This new update addresses vulnerability in Windows Media Services (WMS) active on Windows 2000 Server of Microsoft. The vulnerability was capable of executing code remotely provided the attacker managed to deliver a maliciously created transport transformation pack on a WMS-loaded Windows 2000 Server.
Furthermore, Microsoft has rated the vulnerability as "critical" and it affects all complimentary versions of Windows 2000 Server running Windows Media Services.
Symantec first detected the attacks on May 31, 2010. The company described them as utterly limited. While the detection network at Symantec singled out only a few attack endeavors, the malware employed to carry out the assaults was fresh and enabled hackers to compromise the system wholly.
Commenting on the problem, Joshua Talbot, Security Intelligence Manager of Symantec, stated that the Metasploit open-source hacking kit had posted an exploit code for the vulnerability. Nevertheless, the perpetrators of the attacks weren't utilizing it, he continued, as reported by PCWorld on June 2, 2010.
Joshua added that the perpetrators possibly did some experimentation which resulted in their own exploit code.
Meanwhile, the attack results in the collapse of a victim's PC. The attacker loads it a number of tools that intercept passwords and gives him access to the desktop, remotely. Moreover, it works on just Windows 2000 whose port 1755 of WMS isn't blocked with a firewall.
Talbot said the news that someone was leisurely developing an exploit to take advantage of the flaw and subsequently hunted out unusual settings was interesting. That should be kept in mind although the problem wasn't essentially too big.
Related article: Cyber Child abuser Sentenced To Imprisonment
» SPAMfighter News - 14-06-2010