The U.S. Department of Homeland Security said Thursday that it believes exploits are being created to attack computers compromised by a vulnerability recently disclosed by Microsoft in its Windows operating system. The vulnerability, which is found in Windows 2000, Windows XP, Windows NT, and Windows Server 2003, first came to light July 16. The problem relates to the Remote Procedure Call protocol, which allows a computer to run code on a remote system. A malformed request sent over TCP/IP port 135 could result in a buffer overflow, and allow an attacker to install code of his choice, change or delete data, and create new accounts on the PC. Although Microsoft posted a patch on its TechNet Web site, the Department of Homeland Security’s advisory is intended to get the word out that the vulnerability is both extremely serious, and that there’s the potential for attack. “The Department is concerned that a properly written exploit could rapidly spread on the Internet as a worm or virus in a fashion similar to Code Red or Slammer,” said the National Cyber Security Division, part of Homeland’s Information Analysis, and Infrastructure Protection directorate, in a statement. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.