We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Exploit code for dialup bug doing the rounds

2000 and XP SP1 users beware

Users who have not yet installed the latest security updates from Microsoft could be vulnerable to attack from a malicious software program doing the rounds on the internet, the company has warned.

The exploit code targets a vulnerability in the Remote Access Connection Manager (rasman) service, used by Windows to create network connections over the telephone. The bug, which was patched 13 June, is rated critical by Microsoft, the most severe rating available.

Hackers published the code on websites late last week, and it is now included in Metasploit, a hacking toolkit that is used by security researchers and criminals alike.

The malicious software is not as dangerous as it could be. Most firewalls will block it and it requires that the hacker be authenticated on the computer for it to work.

Still, Windows 2000 and Windows XP Service Pack 1 users need to be wary because they could be the victims of particularly nasty attacks that do not require authentication, Microsoft said.

"The current exploit code... requires authentication, but the underlying vulnerability does not," said Stephen Toulouse, a security program manager with Microsoft's security response centre.

For any attack to work on the latest versions of other Windows systems, such as XP or Windows Server 2003, the attacker would need to be able to log on to the victim's machine, Microsoft said.

Hackers will likely use the malicious software in criminal attacks since it is now in Metasploit, said Ken Williams, director of vulnerability research with Computer Associates.

Complicating matters is the fact that some dialup users have been having problems with the patch.

Computers that use Window's dialup scripting or terminal windows to make connections may find that their dialup connections no longer work, according to Microsoft's alert.

Users who cannot install the patch immediately should disable the rasman service, Microsoft said.

Over the past two weeks, Microsoft has been contending with a number of unpatched vulnerabilities in its Office and Excel software. Microsoft has not yet patched the bugs, but it said on Saturday that one of them is now expected to be patched in its next round of security updates, due 11 July.

Microsoft's advisory on the malicious code can be found here.

IDG UK Sites

How to use an Apple Watch: Everything you need to know about the Apple Watch

IDG UK Sites

Why Scottish Tablet is better than the iPad mini

IDG UK Sites

How Microsoft's HoloLens AR headset will work without needing a computer or phone

IDG UK Sites

Apple MacBook 1.1 GHz review (Retina, 12-inch, Early 2015): The future of Apple laptops