After Buggy Patch, Criminals Exploit Windows Flaw

Thursday Jun 3rd 2010 by Staff

Security vendor Symantec warns of a new exploit that uploads password loggers and remote access tools to Windows 2000 machines.

NetworkWorld: On April 13, Microsoft released a security patch for Windows 2000, but it didn't fix the problem it was intended to address. The company released a second patch two weeks later. Anyone who didn't install that second patch is at risk of a new exploit traced by security vendor Symantec.

According to Symantec, the new threat doesn't use existing Metasploit code, but instead hackers developed their own exploit which uses this particular vulnerability to upload keyloggers and remote access tools. While few PCs are at risk from the malware, Symantec's Security Intelligence Manager Joshua Talbot notes, "It's interesting to know that someone out there is taking the time to write an exploit for this and then scan for uncommon configurations. People should keep that in mind, even though this isn't necessarily a very high-profile issue."

Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved