We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Hackers publish two more Windows attacks

That's four this week

Hackers have given system administrators more reasons to update users' Windows PCs. Over the past two days, they have published two more samples of software that could be used to attack an unpatched Windows system, bringing the tally of new attacks on the OS released into circulation this week to four.

The latest examples, posted to the French Security Incident Response Team (FrSIRT) website on Wednesday and Thursday, take advantage of the same two flaws exploited earlier in the week.

One of these attacks exploits a critical vulnerability in the way that Windows processes files saved in the Windows Metafile graphics format, and it can be used to crash a system. Microsoft fixed this Metafile bug in its MS05-053 security update, released on 8 November, so customers who have not yet applied this patch are the only ones at risk from the new attack.

The second attack targets a flaw in the Microsoft Distributed Transaction Coordinator (MSDTC), which was patched in October's MS05-051 security update. MSDTC is a component of the OS that is commonly used by database software to help manage transactions.

This code appears to be an update to some earlier attack code, which was extremely buggy, according to David Marcus, security research and communications manager at McAfee. "The first exploit [the hacker] did of that code only worked on a bizarre Russian build of Windows 2000," he said. "The second revision seems to be a bit more stable."

However, McAfee is most concerned over another type of attack, which was first disclosed on 21 November. This attack takes advantage of an unpatched flaw in the way Internet Explorer handles the JavaScript language, and it could be used to take over a victim's PC.

"We definitely see that one as a problem, and that's causing a lot of chatter," Marcus said. "The underground is latching on to this thing and they're figuring out some way to turn this into a worm candidate."

Most security experts expect Microsoft to patch this IE flaw by the time it releases its next security update on 13 December. To make things easier for systems administrators, Microsoft normally releases patches on the second Tuesday of every month, but Marcus believes that the publicity surrounding the matter may prompt Microsoft to act sooner.

"I think for its own good public relations, it'll eventually release a patch out of cycle," he said. "It's getting too much publicity."


IDG UK Sites

Best Black Friday 2014 tech deals: Get bargains on smartphones, tablets, laptops and more

IDG UK Sites

What the Internet of Things will look like in 2015: homes will get smarter, people might get fitter

IDG UK Sites

See how Trunk's animated ad helped Ade Edmondson plug The Car Buying Service

IDG UK Sites

Yosemite tips for beginners: Complete Guide to OS X Yosemite