dcsimg
 
 

Web Attackers Train Guns on Patched Windows MDAC Flaw

By Ryan Naraine  |  Posted 2006-06-08 Print this article Print
 
 
 
 
 

At least three different hacking groups are actively exploiting a patched Windows vulnerability to seed botnets for malicious use. Users are strongly urged to apply Microsoft's MS06-014 update.

Malicious hackers are actively exploiting a flaw patched by Microsoft in its April batch of bulletins to hijack computers for use in botnets, according to a warning from malware hunters.

Researchers at Exploit Prevention Labs, an Atlanta-based Internet security outfit, said several bot-seeding scripts are targeting the MDAC (Microsoft Data Access Components) flaw covered in the software maker's MS06-014 bulletin.

"I've seen three different scripts in one week. That's an indication that at least three different [hacker] groups have independently worked out their own exploit," said Roger Thompson, chief technical officer at Exploit Prevention Labs.

"As far as I know, there has been no published proof-of-concept for this exploit. Usually, they will simply copy and paste a published exploit with their own payload. But, it looks like they are now reverse-engineering the patches themselves," Thompson said in an interview with eWEEK.

The flaw is a remote code execution bug that exists in the RDS.Dataspace ActiveX control that is provided as part of the ActiveX Data Objects distributed in MDAC. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internet's Security IT Hub.

In the latest attacks, Thompson said, Internet users can become at risk by simply browsing to a maliciously rigged Web site or opening a specially crafted e-mail message.

Read the full story on eWEEK.com: Web Attackers Train Guns on Patched Windows MDAC Flaw



 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.

By submitting your information, you agree that baselinemag.com may send you Baselinemag offers via email, phone and text message, as well as email offers about other products and services that Baselinemag believes may be of interest to you. Baselinemag will process your information in accordance with the Quinstreet Privacy Policy.

Click for a full list of Newsletterssubmit