Site icon Liquidmatrix Security Digest

Attack Proves Critical Windows Bug ‘Highly Exploitable’

Aitel to Microsoft…Ya know what? Uh, uh.

From Computer World:

Security researchers yesterday said they’d discredited Microsoft’s claim that the year’s first critical Windows vulnerability would be “difficult and unlikely” to be exploited by attackers.

On Tuesday, Immunity Inc. updated a working exploit for the TCP/IP flaw spelled out Jan. 8 in Microsoft’s MS08-001 security bulletin, and posted a Flash demonstration of the attack on its Web site. The exploit, which was released to customers of its CANVAS penetration testing software — but is not available to the public — was a revised version of code first issued two weeks ago.

“This demonstrates conclusively that the MS08-001 IGMPv3 vulnerability is highly exploitable,” said Dave Aitel, Immunity’s chief technology officer, in a message to his Dailydave security mailing list.

Read on.

Article Link

[tags]MS08-001, Microsoft Exploit, Dave Aitel[/tags]

Exit mobile version