New Windows Vulnerability: Microsoft Urges Customers To Install New Patch
Anti-virus experts fear time is running out to avert a new outbreak similar to the recent Lovesan (aka Blaster) epidemic
Microsoft Security Bulletin MS03-039 (824146) reports, "A security issue has been identified that could allow an attacker to remotely compromise a computer running Microsoft® Windows® and gain complete control over it." The bulletin recommends users download a Windows update (containing a patch) that will fix the vulnerability. Furthermore, Microsoft offers three-step advice to help computer users protect themselves from viruses in the future.
Vulnerable systems include:
Windows Server 2003
Windows 95 and 98, which Microsoft no longer supports, are unaffected. Windows ME is also clear of this problem.
This new vulnerability is particularly feared because it is virtually identical to the DCOM RPC service vulnerability exploited by the Lovesan (aka Blaster) worm a few weeks ago. "They're as close as you can be without being the same," said Marc Maiffret, an executive at California-based eEye Digital Security. Many experts are concerned that virus creators will be able to attack this new and particularly dangerous vulnerability quickly by simply making necessary alterations to the Lovesan code.
Alexander Gostev, an anti-virus expert at Kaspersky Labs, acknowledged the possible dangers of the new vulnerability but pointed out that "Microsoft reacted immediately to this discovery and released a patch without delay. Additionally, contrary to the case with the RPC vulnerability exploited by Lovesan, technical details have not appeared anywhere so far, making it more difficult to create network worms exploiting this new security issue."
To protect computer systems and networks, home users and system administrators must install the corresponding Windows Update (patch). A link for the appropriate patch can be found here.