Personal Tech Pipeline | News | Microsoft Warns Of New Windows Exploit, No Patch Available
<A HREF="http://as.cmpnet.com/event.ng/Type=click&amp;FlightID=48965&amp;AdID=81855&amp;TargetID=315&amp;Segments=115,1411,2549,3108,3448,4751,6918&amp;Targets=315,2164,2625,2878,5028&amp;Values=34,46,51,63,77,85,90,100,140,203,222,227,442,645,646,659,1184,1405,1431,1785,1798,1901,1925,1945,2217,2299,2310,2329,2352,2678,2787,2862,2956,3244,3256,3347,3385&amp;RawValues=&amp;Redirect=http://www.thesmbadvantage.com" target="_top"><IMG SRC="http://i.cmpnet.com/ads/graphics/as5/ht/custom/HewlettPackard/WW/hsw_5011_CMP_728x90_ul.jpg" WIDTH=728 HEIGHT=90 BORDER=0></A>

White Papers

Sponsor Resources

WebCasts
Free Newsletter GlossaryContact UsAbout Us
Players & CamsPhones & PDAsHome & AutoOnline

November 17, 2005

Microsoft Warns Of New Windows Exploit, No Patch Available



Courtesy of TechWeb News

Microsoft late Wednesday warned Windows users that proof-of-concept code was in circulation that could be remotely and anonymously exploited on Windows 2000 machines. Windows XP SP1 is somewhat less vulnerable, said Microsoft.

The security advisory gave out few details of the vulnerability, only saying that it was a flaw in the RPC (Remote Procedure Call) component, and could result in a denial-of-service attack that would crash affected computers.

"On Windows XP Service Pack 1, an attacker must have valid logon credentials to try to exploit this vulnerability," Microsoft said in the advisory. Windows 2000, however, can be attacked remotely. That aged operating system has been victimized by several vulnerabilities which have singled it out for attack since mid-year, including August's Zotob campaign.

Windows XP SP2, Windows Server 2003, and Windows Server 2003 SP1 are immune to attack.

As far as Microsoft knows, there have been no attacks of the exploit, but the whole matter is under investigation. It may release a security update to fix the flaw in the future, the company said, though like always it wouldn't commit to doing so.

Microsoft offered up no specific advice for blocking a possible attack, and only said "Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter."

Typically when Microsoft issues a security advisory, it offers up mitigation tactics or advice on how to stymie an attack.

E-mail This Story
Print This Story
Reprint This Story




Get the latest Personal Tech news, product info, and trends every week.


Related Content

  Right-click and choose Copy to extract RSS Feed URL  Personal Tech Pipeline's Main RSS Feed
  Right-click and choose Copy to extract RSS Feed URL  Personal Tech Pipeline's Blog RSS Feed



Keeping Up To Date On Enterprise Server Tech?
Review our compilation of columns on server security, database software, and Linux issues.
Unleash the Power & Opportunity of Grid Computing
Experts will identify trends in grid computing, provide
examples and examine solution options.
Using Current Performance to Shape
Future Results

Hear new strategies for improving business
performance and results.

Editor's Picks

Well, Microsoft has "unfolded" its "Origami" ultra-mobile PC platform Thursday. It turned out to be a full-featured PC smaller than a tablet but bigger than a PDA. Are you impressed?
Yes! I want one!
Sort of. We'll see.
No! It's too big for a pocket and too small for real computing. What's the point?


In search of personal tech products? See our new Product Finder, where you'll find personal computing devices, communications solutions, security products, and more.



PERSONAL TECH PIPELINE MARKETPLACE (sponsored links)
Transform your IT infrastructure with IBM
Successful CIOs see IT as a prime stimulus for business innovation-and themselves as key participants in a process that develops business and IT strategies in concert. Read an executive summary and register to download the full IBM paper.

Want to know your CIS security score?
The CIS has developed detailed IT security benchmarks which will help make your computer more secure. Click here to download the Belarc Advisor which will automatically show you how secure your system is compared to the CIS benchmark configurations.

Fast, Firewall Piercing Support Tools from LogMeIn
Whether you need temporary or permanent access to remote PCs, LogMeIn has your solution: LogMeIn IT Reach for automatic maintenance of remote and mobile systems, and LogMeIn Rescue for instant, web-based remote access without pre-installing software.

Web based bug tracking - AdminiTrack.com
AdminiTrack offers an effective web-based bug tracking system designed for professional software development teams.

Data Recovery (RAID, Desktop, Laptop) Experts
reWave Hard Drive Recovery Specialists, LLC is a Worldwide Data Recovery Company specializing in RAID Server, Desktop and Laptop Data Recoveries. We Offer: Free Quotes/Free Evaluation and No Data - No Fee!


Buy a Link Now


Top ten search terms from the TechWeb TechEncyclopedia
How does your pay rate? Check the InformationWeek Salary Survey
Mobilized Solutions Guide: Find and compare solutions for your business
Top Requested White Paper Categories from TechWeb White paper Library
Top ten search terms from the TechWeb TechEncyclopedia