New Exploit Threatens Vista, MS Scambles for Fix

Microsoft is scrambling this morning to find and release a fix for a newly discovered flaw that could end in the unraveling of a new and possibly devastating Windows worm.

According to reports breaking late last night, hackers have made known the release of a new attack code capable of exploiting a bug in the Windows operating system (OS). The weakness has been public knowledge since the beginning of September, but until this week no one seemed to be taking advantage.

That has changed now that Harmony Security Senior Researcher Stephen Fewer has developed an attack that allows a hacker to run unauthorized software on a targeted computer. If someone were successful in getting this far, it's possible the issue could quickly become a widespread problem enormously difficult to correct. (Source: pcworld.com)

Code Available to Anyone

Fewer's code is included in the open source penetration kit Metasploit, made available to the wider public on Monday. Unlike a previous attack code discovered by software firm Immunuity, Fewer's code can be downloaded by anyone.

Debate Over Effectiveness of Attack

There's some debate about how powerful the attack code really is. Although Metasploit's developer has said that the exploit will work with Vista Service Pack (SP) 1 and 2 as well as Windows 2008 SP1 server, Immunity researchers aren't entirely convinced.

Senior Researcher Kostya Kortchinsky recently stated that he was only able to run the attack on Windows Vista machines, and even then the only result was a system crash. Kortchinsky did succeed to get the attack working with one Vista PC the way it should, but that was within a VMware virtual machine process.

Win7 Not Affected

Thankfully, the flaw doesn't affect Windows 7. However, Vista remains insecure, and it remains to be seen whether the Redmond-based firm can develop a fix for this issue or a problematic SMB flaw before the next Patch Tuesday on October 13th. (Source: computerworld.com)