Several hacking groups have posted code to the Internet that could be used to exploit a vulnerability in Microsoft’s Windows operating system, the same vulnerability that drove the Department of Homeland Security last Friday to issue an alert urging all IT administrators to patch the flaw as soon as possible. Rated by Microsoft as ‘critical,’ the highest in its four-level alert system, when it first was disclosed on July 16, the vulnerability could allow attackers entry into a system through a hole in Windows’ Remote Procedure Call protocol. A hacker-crafted request could cause a buffer overflow on the Windows machine, allowing the attacker entry, where he could run code of his choosing, or even delete files. At least three different exploits have been posted to various security mailing lists, such as Bugtraq and Full-Disclosure, said Dan Ingevaldson, the engineering manager of Atlanta-based Internet Security Systems’ (ISS) X-Force research and development team. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.