Remotely Exploitable Vulnerability Found in Windows

Microsoft issues patch out of season

Apparently a vulnerability exists in all versions of Microsoft Windows starting with 2000 SP4 (yes, that includes Vista, Vista 64 and Server 2008) that could allow a remote attacker to execute arbitrary code on an affected system. Microsoft is taking the highly unusual step of “pre-announcing” the patch, which is due out tomorrow. The only possible use for such a pre-announcement (which is very short on details) is that Microsoft wants to impress upon everyone that the bug is a very big deal indeed.

No details are forthcoming for now, however. A webcast is scheduled for a couple of hours from now.

It remains to be seen whether the webcast will contain enough details to kickstart a reverse-engineering process, as in the Kaminsky announcement fiasco. Anyway, if you own or administer a Windows computer or network and are curious as to what exactly might happen to it and how it might be exploited between today and tomorrow, you may wish to follow the link.

We’ll update this story as more details become available.

UPDATED:

The vulnerability allows the crafting of special RPC requests which, upon receipt, allow unauthenticated users to trigger the execution of arbitrary code on affected systems.

The flaw is being exploited in the wild by a worm whose payload is detected by BitDefender under the name Win32.Worm.Gimmiv.A.

About the author

Răzvan STOICA

Razvan Stoica is a journalist turned teacher turned publicist and technology evangelist. When Bitdefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking.

Razvan Stoica started off writing for a science monthly and was the chief editor of a science fiction magazine for a short while before moving on to the University of Medicine in Bucharest where he lectured on the English language. Recruited by Bitdefender in 2004 to add zest to the company's online presence, he has fulfilled a bevy of roles within the company since.

In his current position, he is primarily responsible for the communications and community-building efforts of the Bitdefender research and technology development arm.