[ caiser @ 27.07.2003. 17:06 ] @
A hacker group released code designed to exploit a widespread Windows flaw, paving the way for a major worm attack as soon as this weekend, security researchers warned.

The warning came Friday, after hackers from the Chinese X Focus security group forwarded source code to several public security lists. The code is for a program designed to allow an intruder to enter Windows computers.

The X Focus program takes advantage of a hole in the Microsoft operating system that lets attackers break in remotely. The flaw has been characterized by some security experts as the most widespread ever found in Windows.

...

The Chinese code worked on only three variants of Windows, but could show knowledgeable hackers how to take advantage of the flaw.

HD Moore, a security researcher and the founder of the Metasploit Project, has done just that. A well-known hacker and programmer of security code, Moore has taken the Chinese code and improved it. Now the code works for at least seven versions of the operating system, including Windows 2000 Service Pack 0 to Service Pack 4 and Windows XP Service Pack 0 and Service Pack 1.

"I don't like broken exploits, so I fixed it," he said.

...

"This is probably the most widespread vulnerability that lets you get remote root," he said. "It's almost guaranteed to be turned into a worm." Remote root is a security term for the ability to take control of a computer over the Internet.

...

"This is going to be something like the SQL Slammer worm," he said. "It won't affect the outside networks (such as the Internet); it's going to affect the inside networks. All it takes is one server to get infected. You think it (was) bad when your database servers went down. This will take those servers and every other computer down as well."

He has advice: Patch quickly and disable the vulnerable service.

-------------------------------------------------------------------------------

http://news.com.com/2100-1002_3-5055759.html

Inace, Microsoft je vec izbacio patch, tako da... pozurite. :)