Microsoft says sample attack code leaked to hackers

19 March 2012

Microsoft is warning that proof-of-concept code exploiting a critical vulnerability involving the remote desktop protocol (RDP) in all versions of Windows has been leaked.

Microsoft patched the vulnerability in its monthly Patch Tuesday update, but warned users that “due to the attractiveness of this vulnerability to attackers, we anticipate that an exploit for code execution will be developed in the next 30 days.”

On March 16, Microsoft researcher Yunsun Wee said that the company had become “aware of public proof-of-concept code that results in denial of service for the issue addressed by MS12-020, which we released Tuesday.”

Wee explained that the details of the proof-of-concept code appear to match the vulnerability information shared with the Microsoft Active Protections Program, hinting that one of the partners leaked the code.

“Microsoft is actively investigating the disclosure of these details and will take the necessary actions to protect customers and ensure that confidential information we share is protected pursuant to our contracts and program requirements”, Wee added.

Microsoft stressed the need for users to apply the patch released on Patch Tuesday. It is also making a one-click Fix It available for users who need time to test the update before deploying it.

According to a March 19 update by Symantec, the “race for remote code execution (RCE) is well underway but as of today there are still no available exploits that have achieved this target…. This is a window of opportunity that should be used to ensure that you have no unnecessary Internet-facing machines using RDP unless absolutely necessary and that the patch available for MS12-020 from Microsoft is applied to limit exposure to this critical vulnerability.”
