Windows flaw attack code hits the net
Patch or else, warns Microsoft
Computer code that exploits a “critical” vulnerability in Windows has been released on the internet, prompting Microsoft to issue a security advisory.
The attack code takes advantage of a flawed Windows routing and remote access component for which Microsoft released a patch two weeks ago, the company said in its advisory published late on Friday. The company is not aware of any actual cyber attacks that use the exploit code, it said.
Microsoft said: “An attacker who successfully exploited this vulnerability could take complete control of the affected system.”
It urges users to apply the fix delivered with security bulletin MS06-025, which will remove the vulnerability. “We have confirmed that the exploit code does not affect users who have installed the update,” Microsoft said.
Read more: silicon.com