U.S. Government Warns of Windows Flaw
I thought it was interesting when I ran across a warning from our Federal government about the recent Windows security issue (MS03-026). Turns out that this is a service of the U.S. Department of Homeland Security. After looking at this site, I notice that they post warnings on all sorts of computer security issues. And on top of that, this RPC/DCOM issue is not the latest warning. Check out this year's list.
Responsible Journalism
I've also noticed that a lot of Internet sources are talking about this RPC vulnerability. (As well they should since it is possible for someone to exploit the flaw and get a remote command prompt on your box.) While reading some of these different reports, I kept coming across statements about exploit code being posted but I never saw any code samples.
Being the curious guy that I am, I decided to do some searches for the code. And after a few minutes, I found some links strangely enough from an article on the exploit, written by Tom Crazit of IDG News Service and posted to the Network World Fusion site. Read the following paragraph:
While there is nothing Microsoft can do to stop organizations from posting exploit code either, Toulouse noted that using that code to damage a company's network is a criminal act. "We continue to believe that the publication of exploit code is just not good for customers," he said.
After that sensible writing and quoting someone who says publicizing exploit code is not good, the next paragraph contains three links to exploit samples. Go figure!
Make sure you tell everyone to visit the Windows Update site. The attacks are coming.
7:49:24 AM 
|
