[Chachazz]

Iain Thomson,
vnunet.com 12 Aug 2005

Exploit code has started appearing on hacking websites for a critical Microsoft flaw less than three days after the patch was released.

The patch (MS05-039) addresses a flaw in the Windows Plug-and-Play system, which automatically recognises and configures devices as they are plugged in to the computer.

Security testers at eEye claim to have found two separate examples of working exploit code in the past few hours that could give full control of a target PC.

"On discovering two instances of exploit code online, the research team conducted thorough testing to confirm that both present a legitimate threat to Windows 2000 systems (completely patched Service Pack 4 with all hotfixes)," said the company in an alert.

"One exploit, released by an anonymous author, will bind a command prompt to TCP port 8721. Users should consider this patch highly critical, and should install it as soon as possible."

Computers running Windows XP and Server 2003 are also at risk, although the exploit is more difficult to use on these machines. Microsoft is urging all users to apply the patch as quickly as possible.

Story: vnunet.com