Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] More attack code for Windows flaws

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] More attack code for Windows flaws
Date: Wed, 30 Nov 2005 00:28:54 -0600 (CST) 
http://www.smh.com.au/news/breaking/more-attack-code-released-for-windows-flaws/2005/11/29/1133026443579.html

By Sam Varghese
November 29, 2005 

A French research group has released proof-of-concept code for a
critical vulnerability in Microsofts Windows which can be exploited to
cause a denial of service.

Proof-of-concept code demonstrates a method of exploiting a
vulnerability. Though in itself not an exploit, it can help in
developing one.

A patch for this flaw was released by Microsoft in October; the same
patch took care of two other unrelated vulnerabilities.

The French group FrSIRT said in its advisory that the code it had
released was aimed at a flaw in Microsoft's Distribution Transaction
Coordinator.

The coordinator is a remote procedure call interface that provides
methods for different processes to complete transactions with each
other, often over a network.

The advisory did not say which versions of Windows would be affected
by an exploit based on this code.

When Microsoft released its advisory back in October it listed Windows
2000, Windows XP Service Pack 1, and Windows Server 2003 as being
affected.

eEye Digital Security, which discovered the problem and informed
Microsoft, rated the severity as high, allowing remote execution of
code.

Comment has been sought from Microsoft.



_________________________________________
Earn your Master's degree in Information Security ONLINE
www.msia.norwich.edu/csi
Study IA management practices and the latest infosec issues.
Norwich University is an NSA Center of Excellence.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] More attack code for Windows flaws, InfoSec News <=
Previous by Date:  [ISN] MP calls for UK e-crime tsar, InfoSec News
Next by Date:  [ISN] IT security staff could face licensing, InfoSec News
Previous by Thread:  [ISN] MP calls for UK e-crime tsar, InfoSec News
Next by Thread:  [ISN] IT security staff could face licensing, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]