Code attacks Windows vulnerability | (MS04-007)

February 17, 2004


Code attacks Windows vulnerability | CNET - A piece of code that exploits a critical vulnerability that Microsoft issued a patch for only last week has been posted online, raising fears of an imminent MSBlast-style attack.

On Feb. 10, Microsoft released a patch that fixes a networking flaw affecting all Windows XP, NT, 2000 and Windows Server 2003 systems. The company warned people to patch their systems because the vulnerability could be exploited by virus and worm writers.

Four days after the patch was released, a piece of code was published on a French Web site that would let anyone exploit the vulnerability, meaning that unpatched customers could be hit with a worm similar to last summer's MSBlast, also known as Blaster.

*Note:* Everyone needs to patch as soon as possible but be careful; I've heard mixed reviews about this one.. including domain controllers not booting or allowing anyone to log on after the patch has been applied.