Just days after Microsoft warned its customers about the release of code that can exploit a hole in its Secure Sockets Layer (SSL) library, new code that claims to exploit another recently disclosed hole surfaced on a French language Web site. The computer code can be used by a remote attacker to trigger a buffer overrun vulnerability in the Local Security Authority Subsystem Service (LSASS), according to a message posted to www.k-otik.com. Microsoft released a patch for the LSASS vulnerability, MS04-011, April 13, along with fixes for the SSL problem and a number of other vulnerabilities. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.