Hackers Discovered Zero-Day Flaw in Windows Help and Support Center
According to Microsoft, cybercriminals have started to widely exploit a zero-day flaw in the Windows Help and Support Center that was discovered by Tavis Ormandy, a Swiss Google researcher. The researcher discovered the flaw in the first week of June 2010, as reported by scmagazineus on June 15, 2010.
The Microsoft Security Response Center has revealed that these "limited exploits" hit Windows XP users.
To warn customers who are vulnerable to attacks launched by cybercriminals trying to exploit the vulnerability, Jerry Bryant (Group Manager for Response Communications at Microsoft) said that customers should not be confused by the announcement. Customers using Windows 2000, Windows Server 2008 R2, Windows Vista, Windows Server 2008 and Windows 7 are safe. In fact, according to the analysis of attack samples, customers using Windows Server 2003 are not affected, as reported by cnet on June 15, 2010.
According to a statement by Donato Ferrante, a security expert at SophosLabs, a team of security researchers at Sophos was engaged on June 15, 2010 in detecting malware trying to exploit the vulnerability, as reported by scmagazineus on June 15, 2010. The security experts concluded that computer users who visit the website hosting the malicious exploit will be infected by the malware that Sophos identifies as Sus/HcpExpl-A.
The most interesting fact is that this zero-day flaw, compared to other flaws, has caught the attention of cybercriminals.
Ormandy's advisory has once again fueled the age-old debate on full disclosure. In such a disclosure, researchers publish the full details of a vulnerability in the belief that this is the perfect method to force a company to fix the problem as quickly as possible. Ormandy has supported his decision by giving Microsoft warning five days in advance through a tweet. The tweet states that he was tired of the five days of hate mail, the five days having been spent trying to convince the company to fix the problem, as reported by theregister on June 15, 2010.
Finally, Windows XP users should consider deactivating the features in the Help Center that permit administrators to log on to the machine remotely.
» SPAMfighter News - 24-06-2010