Exploits Aplenty for Patch Tuesday BugsBy Ryan Naraine | Posted 2006-06-14 Email Print
Know the Risk: Digital Transformation's Impact on Your Business-Critical Applications REGISTER >
Less than 24 hours after Microsoft shipped patches for 21 serious software vulnerabilities, researchers have created and published proof-of-concept code.
Less than 24 hours after the release of patches for 21 product vulnerabilities, proof-of-concept exploits are popping up on the Internet.
According to the SANS ISC (Internet Storm Center), a group of volunteers who track malicious Web activity, there are at least five publicly available exploits for flaws patched in June's Patch Tuesdayincluding one for the MS06-027, the bulletin that covers a critical Microsoft Word code execution bug.
The Microsoft Word vulnerability has already been used in attacks against specific business targets, and the exploit signals that the window between the release of patches and the creation of exploits has narrowed considerably.
The Word exploit was released by vulnerability researchers at Immunity, a Miami-based penetration testing company.
Immunity's Word exploit was created after the first round of zero-day attacks and released IDS (intrusion detection companies) and larger penetrating testing firms as part of a partner program.
In early June 2006, the company updated its CANVAS product to include modules that exploited the Word bug.
CANVAS is a platform that hosts hundreds of exploits, automated exploitation systems and an exploit framework for penetration testers and security professionals worldwide.
Those patches cover "critical," remote code execution flaws in the ubiquitous Windows Media Player and the RRAS (Routing and Remote Access Service) used in Windows.
Over at Milw0rm, a Web site that publishes exploits submitted by security researchers around the world, there are two separate proof-of-concepts for MS06-030, the bulletin that addresses a pair of flaws in Microsoft's implementation of the SMB (Server Message Block) protocol.
The SMB protocol is used in Windows to share files, printers, serial ports, and also to communicate between computers.
The release of exploit codebefore or after patches are availableis a controversial practice that is frowned upon by Microsoft.
Read the full story on eWEEK.com: Exploits Aplenty for Patch Tuesday Bugs