0
images/news/security.jpgA just-released proof-of-concept exploit against the year's first Windows vulnerability has security researchers ringing alarm bells.
Proof-of-concept code for the TCP/IP flaw spelled out Jan. 8 in Microsoft's MS08-001 security bulletin was added to Immunity Inc.'s CANVAS penetration testing software on Wednesday. Yesterday, Dave Aitel, Immunity's chief technology officer, warned that Microsoft may have overestimated the difficulty of creating a reliable exploit for the new bug.
"Microsoft makes triggering the issue sound a bit harder than it actually is," argued Aitel in a message to his Dailydave security mailing list on Thursday.
Last week, after Microsoft issued MS08-001 -- a bulletin that spelled out multiple vulnerabilities in Windows' TCP/IP protocols -- a Microsoft product manager writing in the new Security Vulnerability Research & Defense blog claimed that any attack would have to get lucky to successfully exploit the bug.
"Even though this bulletin is rated "critical" for XP and Vista, there are a number of factors that make exploitation of this issue difficult and unlikely in real-world conditions," argued Michael Grady, product manager in the company's Trustworthy Computing group.
Grady spelled out several factors that he said made an attack far-fetched, including an exploit chewing up most of the machine's CPU cycles and an attack requiring exquisite timing.
Aitel disagreed. "You'll be able to trigger it every time, especially on a local LAN," he said on Dailydave.
Read More
Proof-of-concept code for the TCP/IP flaw spelled out Jan. 8 in Microsoft's MS08-001 security bulletin was added to Immunity Inc.'s CANVAS penetration testing software on Wednesday. Yesterday, Dave Aitel, Immunity's chief technology officer, warned that Microsoft may have overestimated the difficulty of creating a reliable exploit for the new bug.
"Microsoft makes triggering the issue sound a bit harder than it actually is," argued Aitel in a message to his Dailydave security mailing list on Thursday.
Last week, after Microsoft issued MS08-001 -- a bulletin that spelled out multiple vulnerabilities in Windows' TCP/IP protocols -- a Microsoft product manager writing in the new Security Vulnerability Research & Defense blog claimed that any attack would have to get lucky to successfully exploit the bug.
"Even though this bulletin is rated "critical" for XP and Vista, there are a number of factors that make exploitation of this issue difficult and unlikely in real-world conditions," argued Michael Grady, product manager in the company's Trustworthy Computing group.
Grady spelled out several factors that he said made an attack far-fetched, including an exploit chewing up most of the machine's CPU cycles and an attack requiring exquisite timing.
Aitel disagreed. "You'll be able to trigger it every time, especially on a local LAN," he said on Dailydave.
Read More
