Exploit code raises Windows worm alarm

by admin October 13, 2005 at 6:41 pm

Computer code has already been written to take advantage of Windows flaws that were disclosed Tuesday, a sign that a worm attack could be near.

Exploit code exists for four of the 14 vulnerabilities for which Microsoft provided fixes this week, experts said Thursday. One of the exploits was written for a flaw which Microsoft tagged as “critical.” The bug lies in a Windows component for transaction processing called the Microsoft Distributed Transaction Coordinator, or MSDTC.

“When we start to see exploits surfacing, we know there will shortly be malicious code,” said Alfred Huger, a senior director at Symantec Security Response. “We expect at least the MSDTC vulnerability to be used in a worm in the short term.”

After Microsoft released vulnerability information, the exploit code was written within 24 hours, noticeably quicker than the average time it takes for an exploit to appear, Huger said. “Over the last two years on average it has been between four and 5.8 days for an exploit to come out after a vulnerability was released,” he said.

Full article: ZDNet News