Skip to comments.
Exploits Circulate for Windows 2000 Vulnerability ~~ multiple exploits are circulating
2CPU.com - eWeek ^
| Tuesday, August 16, 2005 at 1:48 PM EST
| duke
Posted on 08/17/2005 12:29:05 PM PDT by Ernest_at_the_Beach
As a follow-up to yesterday's post about the Zobot worm, eWeek is reporting that multiple exploits are circulating for the vulnerability outlined in bulletin MS05-039.
Researchers at eEye Digital Security also raised the alarm after testing the published exploits. "Upon discovering two instances of exploit code online, [we] conducted thorough testing to confirm that both present a legitimate threat to Windows 2000 systems (completely patched SP 4 with all hotfixes). One exploit, released by an anonymous author, will bind a command prompt to TCP port 8721," the company warned.
Get patched folks! The entire article can be viewed here
TOPICS: Business/Economy; Extended News; News/Current Events
KEYWORDS: lowqualitycrap; malware; microsoft; patches; spyware; viruses; windows; windows2000; worms
Navigation: use the links below to view more comments.
first 1-20, 21-26 next last
DisneyLand took a hit yesterday, also...
To: ShadowAce
To: Ernest_at_the_Beach
I must be doing something wrong - there are four Win2k machines in easy reach here, and several hundred more scattered about, none of which have had a problem. Maybe Disney, CNN, ABC, and the NYT (did I forget anyone?) would like a quote on some consulting work.
3
posted on
08/17/2005 12:32:27 PM PDT
by
general_re
("Frantic orthodoxy is never rooted in faith, but in doubt." - Reinhold Niebuhr)
To: rdb3; chance33_98; Calvinist_Dark_Lord; Bush2000; PenguinWry; GodGunsandGuts; CyberCowboy777; ...
Here's another Windows Security Alert!
4
posted on
08/17/2005 12:34:52 PM PDT
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: Ernest_at_the_Beach
Yep, the company I work for got hit this morning. All hell is breaking loose. Still haven't gotten the server to come back up. Not good.
To: All
To: redlocks322
I had 3 file sharing boxen infected. Luckily, the firewall refused them a chance to talk to the internet. Some jerk with a unfirewalled laptop was the culprit.
7
posted on
08/17/2005 12:37:37 PM PDT
by
AppyPappy
To: ShadowAce; general_re
I thought the detail of 5 different exploits was new....althought more than likely someone here knew it.
GR...if you have a good plan for continual updates...and since MS had their alerts out in plenty of time, you DONE GOOD!
To: redlocks322
We have seen two of our server catch it (macafee), we have just finished patching our entire dev/test area. Should have everything in PROD patched by sunday but its hard because these damn things require a reboot!
9
posted on
08/17/2005 12:43:53 PM PDT
by
N3WBI3
(If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
To: Ernest_at_the_Beach
Short cycle, though - not a lot of time for testing.
10
posted on
08/17/2005 12:44:08 PM PDT
by
general_re
("Frantic orthodoxy is never rooted in faith, but in doubt." - Reinhold Niebuhr)
To: All
This from 2CPU also
*************************************
Zotob worm hits Windows users
By duke on Monday, August 15, 2005 at 9:43 AM EST [ Post A Comment ] #3821
C|Net has posted a quick article about a new worm affecting Windows users: Zotob. The Zotob worm appeared shortly after the world's largest software maker warned of three newly found "critical" security flaws in its software, including one that could allow attackers to take complete control of a computer.
More information is available here.
To: AppyPappy
Some jerk with a unfirewalled laptop was the culprit. The Microsoft Wheel of Blame spins again.
12
posted on
08/17/2005 12:46:47 PM PDT
by
HAL9000
(Get a Mac - The Ultimate FReeping Machine)
To: HAL9000
Yeah but I can't use a Mac. I'm a heterosexual.
To: N3WBI3; ShadowAce
This says more than just Windows 2000???
**********************************************
Zotob worm hits Windows users
By Reuters
http://news.com.com/Zotob+worm+hits+Windows+users/2100-7349_3-5832849.html
Story last modified Mon Aug 15 04:30:00 PDT 2005
A new Internet worm has been detected that can infect Microsoft's Windows platforms faster than previous computer worms, according to an antivirus software maker.
The Zotob worm appeared shortly after the world's largest software maker warned of three newly found "critical" security flaws in its software, including one that could allow attackers to take complete control of a computer.
The latest worm exploits security holes in Microsoft's Windows 95, 98, ME, NE, 2000 and XP platforms and can give computer attackers remote access to affected systems, said Trend Micro.
"Hundreds of infection reports were sighted in the United States and Germany," Tokyo-based Trend Micro said in a statement released late last week.
"Since most users may not be aware of this newly announced security hole so as to install the necessary patch during last weekend, we can foresee more infections from worm Zotob," it said.
The latest virus drops a copy of itself into the Windows system folder as BOTZOR.EXE and modifies the system's host file in the infected user's computer to prevent the user getting online assistance from antivirus web sites, Trend Micro added.
It can also connect to a specific Internet relay chat server and give hackers remote control over affected systems, which can be used to infect other unpatched machines in a network and slow down the network performance.
Last Tuesday, Microsoft issued patches to fix its security flaws as part of its monthly security bulletin. The problems affect the Windows operating system and Microsoft's Internet Explorer Web browser.
Microsoft has warned that an attacker could exploit a vulnerability in its Internet Explorer Web browser and lure users to malicious Web pages, and could run software code on the user's PC, giving the attacker control of the affected computer.
Computer users should update their antivirus pattern files and apply the latest Microsoft patches to protect their computer systems, Trend Micro said.
To: Ernest_at_the_Beach
15
posted on
08/17/2005 12:55:24 PM PDT
by
frogjerk
To: All
IE again......
Microsoft has warned that an attacker could exploit a vulnerability in its Internet Explorer Web browser and lure users to malicious Web pages, and could run software code on the user's PC, giving the attacker control of the affected computer.
Must be ActiveX ....
To: frogjerk
LOL...Fedora Core 4 here....
To: Ernest_at_the_Beach
I wonder if MS still thinks that Win2k doesn't need a SP5, like they initially promised. Whoever made that decision needs to be smacked.
18
posted on
08/17/2005 1:03:33 PM PDT
by
Windcatcher
(Earth to libs: MARXISM DOESN'T SELL HERE. Try somewhere else.)
To: general_re
I was advised by my company's IT person
not to routinely install Microsoft updates because there is no telling what they might break. (Looks to the left) Hello rock. (Looks to the right) Hello hard place.
Fortunately, our firewall seems to have protected me.
To: Question_Assumptions
That's good advice. A firewall with some basic procedures should help
Delete the default share for the system drive
Make every program ask for permission to leave the box
Heavily restrict who can see the box
Turn off unneeded processes
Check the system32 folder daily
Whenever a new virus comes out, create a read-only text file with the same name and put it in the offending directory
Create a locked down honeypot on your network to sniff out new viri
Navigation: use the links below to view more comments.
first 1-20, 21-26 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson
