Appears deadly exploit code for Vista and XP

Security firm Immunity released a code to exploit a deadly security bug in Windows recently released by Microsoft.

Security firm Immunity released a code to exploit a deadly security bug in Windows recently released by Microsoft.

However, the exploit code has not been widely released yet, only professional security experts use Immunity's computer security testing software to access the exploit code.

Dave Aitel - Chief Technology Officer of Immunity - said the exploit code has the ability to make the Windows operating system hang completely and also allows the attacker to gain control over malicious code on the PC. . ' In fact, in some cases, Windows PC testing has shown a blue screen of death. '

Since the information on the security flaw was released, the security community has expressed concern about the possibility of widespread attack on users. Because firstly, this is an error in a part of the Windows operating system and is enabled by default. And secondly, errors can be exploited without any user intervention. This means that this error can be used to organize attacks with self-replicating computer worms.

Picture 1 of Appears deadly exploit code for Vista and XP
Security experts say hackers can follow security researchers to continue digging deeper into this deadly flaw of Windows.

The error stems from the process of processing network data streams using the Internet Group Management Protocol (IGMP) and MLD (Multicast Listener Discovery). This is a specialized procedure for sending data to multiple systems at the same time. Many applications such as sending and receiving instant messages, online seminars, software distribution . must use these procedures. Both Windows XP and Vista are identified with this error.

In order to attack users, hackers need to create a malicious data packet sent to the user's PC through the above procedures. If successful, hackers will be able to gain remote control of malicious code operations - here may be computer worms - on PC errors. This worm can then automatically spread vigorously in the LAN intranet.

Microsoft has released this deadly bug fix update. The recommended user should quickly download the update with the code MS08-001 as soon as possible. In parallel, Microsoft also confirmed that this error is relatively difficult to exploit.

 

Update 13 December 2018
« PREV
NEXT »
Category

Technology

Life

Discover science

Medicine - Health

Event

Entertainment