Hackers push new software for attacks

The threat from this new vulnerability -- which already has drawn stern warnings from the Homeland Security Department -- is remarkably similar to one that allowed the Blaster virus to infect hundreds of thousands of computers last month.

The discovery gives fresh impetus for tens of millions of Windows users - inside corporations and in their homes - to immediately apply a free repairing patch from Microsoft. Homeland Security officials have warned that attacks could result in a "significant impact" on the operation of the Internet.

Distributed by Chinese site
Researchers from iDefense Inc. of Reston, Virginia, who found the new attack software being distributed from a Chinese Web site, said it was already being used to break into vulnerable computers and implant eavesdropping programs. They said they expect widespread attacks similar to the Blaster infection within days.

"It's fairly likely," said Ken Dunham, a senior iDefense analyst. "Certainly we'll see new variants in the next few hours or days."

Microsoft confirmed it was studying the new attack tool.

Last month's Blaster infection spread just days after hackers began distributing tools for breaking into Windows computers using a related software flaw. That infection disrupted computers at the Federal Reserve in Atlanta , Maryland's motor vehicle agency and the Minnesota transportation department.

Downloading the patch
The latest Windows flaws, announced September 10, were nearly identical to those exploited by the Blaster worm. Computer users who applied an earlier patch in July to protect themselves still must install the new patch from Microsoft, available from its Web site.

Amy Carroll, a director in Microsoft's security business unit, said 63 percent more people have already downloaded the latest patch than downloaded the patch for last month's similar vulnerability during the same five-day period.

Modifications possible
The latest hacker tool was relatively polished. It gives hackers access to victims' computers by creating a new account with the name "e" with a preset password. iDefense said the tool includes options to attack two Windows 2000 versions that are commonly used inside corporations.

The tool being distributed Tuesday didn't include an option to break into computers running Microsoft's latest operating systems, such as Windows XP or Windows Server 2003, but iDefense said it expected such modifications to make it more dangerous.

Source:http://click/

Nothing new...just Microsoft recieving more bad press...

Utinam logica falsa tuam philosophiam totam suffodiant

yup..

Well for me life is very small and one time oppurtunity given to us by allmighty up above there so i want to make most of that so that after my death i keep living in peoples heart

blaster is really damaging MS's already tarnished reputation

quote:

Originally posted by onzeponze blaster is really damaging MS's already tarnished reputation

I think if morons would upgrade when Microsoft releases the patches, they would be totally secure from this damn worm attack. I think the blame belongs with morons who wait too long to upgrade, not with Microsoft. Microsoft released the patch 3 weeks before worm was made.

Utinam logica falsa tuam philosophiam totam suffodiant

This post has been edited 2 time(s), it was last edited by Heather on 09-20-2003 at 21:29.

well, we can blame the media then, for not making enough noise when they should have

quote:

Originally posted by onzeponze well, we can blame the media then, for not making enough noise when they should have

No, you need to blame the morons who didn't upgrade.

Utinam logica falsa tuam philosophiam totam suffodiant

no, the media!

quote:

I think if morons would upgrade when Microsoft releases the patches, they would be totally secure from this damn worm attack. I think the blame belongs with morons who wait too long to upgrade, not with Microsoft. Microsoft released the patch 3 weeks before worm was made.

I partly agree. With highspeed internet access becoming more widespread there should be more responsibility.

However, when you run a large to very large network or use specialised software within your environment, a patch sometimes renders a production environment useless. Therefore sys admins test the microsoft-released patches before applying them to their network.
You cannot blame them, there have been several patches that broke MS's own code, let alone specialised software.

But as far aas the avarage browse chat email mp3 homeuser I think you are correct, they should have there machines patched in time.
I think I read somewhere the microsoft is gonna use an update-pushing system in the future.

Then again there is also the story of 'false update warnings' that we have seen.
Perhaps internet users should get some sort of 'drivers liscence' before they can get access to the net (rofl)

Overhead the albatros hangs motionless upon the air.

Bah, noODle, they just need to update.

Utinam logica falsa tuam philosophiam totam suffodiant

Well one advantage when you are running a large to very large network, you have things like perimeters and dmz's. The recent bugs in the RPC implemantation of Microsoft don't affect users behind it, nor do a lot of other vulnarabilities.
There is always the inside threat offcourse.

I agree that home users should keep their systems patched but there are too many ignorant 'I don have nothing to hide' users out there that don't understand the concept of zombies and DoSsing worms and the likes.
Try to explain it to someone who has problems opening his email program.
So I feel with our lives being more and more dependant on these new technologies that the software vendor certain has to take his responsibility.

A couple of days ago a paper was released about this subject (over which an employee of @stake got fired).
It can be found at:
http://www.ccianet.org/papers/cyberinsecurity.pdf

Overhead the albatros hangs motionless upon the air.