Windows exploit code raises threat alert
And there ain’t no patch on it…
Exploit code has been published that could take advantage of flaws in Windows XP SP1 and Windows 2000 SP4, according to a warning issued on Thursday by Microsoft.
Although the exploit code could be used to launch a denial of service attack in machines running XP SP1 and Windows 2000 with all service pack versions, the threat is only moderately severe, said Stephen Manzuik, a product manager at security research company eEye Digital Security.
Manzuik said: “On a scale of 10, it would be about a four or five on severity. All it will do is crash some machines and not crash others.”
The exploit code could allow an attacker to launch a remote denial-of-service attack on Windows 2000 machines using all service pack versions but would require a user authentication on Windows XP SP1 computers, he added.
Full story: silicon.com