Immunity launches exploit for 'unlikely' Windows worm hole

Summary:A workable exploit attack for a TCP/IP vulnerability in Microsoft's Windows has been launched into the wild courtesy of security firm Immunity.On Jan.

A workable exploit attack for a TCP/IP vulnerability in Microsoft's Windows has been launched into the wild courtesy of security firm Immunity.

On Jan. 17, it became clear that you shouldn't dawdle on deploying Microsoft's MS08-001 patch. That patch, issued Jan. 8, fixed a Transmission Control Protocol/Internet Protocol (TCP/IP) processing vulnerability that was critical for XP and Vista. After security firm Immunity issued a proof of concept, Microsoft acknowledged the vulnerability, but said an attack was "unlikely."

With Microsoft's assessment it basically threw down the gauntlet. A few days later Immunity is at it again--this time with a workable exploit.

Immunity ships exploits for its paying subscribers has issued a flash movie detailing the exploit in action. It isn't 100 percent reliable, but the odds are better than unlikely now.

Here are a few screens from the movie:

immunity.png

And.

immunity2.png

Your turn Microsoft. Ryan Naraine has more.

Topics: Security, Microsoft, Networking, Operating Systems, Software, Windows

About

Larry Dignan is Editor in Chief of ZDNet and SmartPlanet as well as Editorial Director of ZDNet's sister site TechRepublic. He was most recently Executive Editor of News and Blogs at ZDNet. Prior to that he was executive news editor at eWeek and news editor at Baseline. He also served as the East Coast news editor and finance editor at CN... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.