Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Microsoft warns of exploit code for dial-up bug

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Microsoft warns of exploit code for dial-up bug
Date: Tue, 27 Jun 2006 00:27:19 -0500 (CDT) 
http://www.networkworld.com/news/2006/062606-microsoft-warns-of-exploit-code.html

By Robert McMillan
IDG News Service
06/26/06 

Microsoft is warning users of malicious software that could be used to
attack Windows systems that lack the company's latest security
updates.

The exploit code targets a vulnerability in the Remote Access
Connection Manager (RASMAN) service, used by Windows to create network
connections over the telephone. The bug, which was patched June 13, is
rated critical by Microsoft, the most severe rating available.

Hackers published the code on Web sites late last week, and it is now
included in Metasploit, a hacking toolkit that is used by security
researchers and criminals alike.

The malicious software is not as dangerous as it could be. Most
firewalls will block it and it also requires that the hacker be
authenticated on the computer for it to work.

Still, Windows 2000 and Windows XP Service Pack 1 users need to be
wary because they could be the victims of particularly nasty attacks
that do not require authentication, Microsoft said.

"The current exploit code ... requires authentication, but the
underlying vulnerability does not," said Stephen Toulouse, a security
program manager with Microsoft's security response center.

For any attack to work on the latest versions of other Windows
systems, like XP or Windows Server 2003, the attacker would need to be
able to log on to the victim's machine, Microsoft said.

Hackers will likely use the malicious software in criminal attacks
since it is now in Metasploit, said Ken Williams, director of
vulnerability research with CA.

Complicating matters is the fact that some dial-up users have been
having problems with the patch.

Computers that use Window's dial-up scripting or terminal windows to
make connections may find that their dial-up connections no longer
work, according to Microsoft's alert.

Users who cannot install the patch immediately should disable the
RASMAN service, Microsoft said.

Over the past two weeks, Microsoft has also been contending with a
number of unpatched vulnerabilities in its Office and Excel software.  
Microsoft has not yet patched the bugs, but it said Saturday that one
of them is now expected to be patched in its next round of security
updates, due July 11.

Microsoft's advisory on the malicious code can be found here.

The IDG News Service is a Network World affiliate. 
All contents copyright 1995-2006 Network World, Inc.



_________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.
www.blackhat.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Microsoft warns of exploit code for dial-up bug, InfoSec News <=
Previous by Date:  [ISN] Report: One hacked OU server should have been offline, InfoSec News
Next by Date:  [ISN] Crypto utopia Sealand ravaged by fire, InfoSec News
Previous by Thread:  [ISN] Report: One hacked OU server should have been offline, InfoSec News
Next by Thread:  [ISN] Crypto utopia Sealand ravaged by fire, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]