NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0373 New Attack Proves Critical Windows Bug is Highly
Exploitable:
Security researchers said they have discredited
Microsoft's claim that the year's first critical Windows vulnerability
would be "difficult and unlikely" to be exploited by attackers. On
Tuesday, 29JAN, Immunity Incorporated updated a working exploit for the TCP/IP
flaw spelled out 08JAN in Microsoft's MS08-001 security bulletin, and posted
a Flash demonstration of the attack on its web site. The exploit, which was
released to customers of its CANVAS penetration testing software - but is not
available to the public - was a revised version of code first issued two weeks
ago. It demonstrates conclusively that the MS08-001 IGMPv3 vulnerability is
highly exploitable, Immunity's chief technology officer said in a message to
his Dailydave security mailing list. Immunity did acknowledge that its newest
exploit was not 100% reliable, however. Other security companies reacted to the
revamped attack code and Flash proof by issuing new alerts. They urged users
who have not already deployed the patches Microsoft issued 08JAN to do so
immediately.
(ComputerWorld 30JAN08)