Windows Workstation Service vulnerability

[Doug Pearson <dodpears () INDIANA EDU>]

December 10, eWEEK -- Security experts warn of new way to attack Windows. Security experts have found a new way to 
exploit a critical vulnerability in Windows that evades a workaround. Microsoft Corp. issued a patch for the 
vulnerability in November, but the security bulletin also listed several workarounds for the flaw, including disabling 
the Workstation Service and using a firewall to block specific UDP and TCP ports. Researchers at security company Core 
Security Technologies discovered a new attack vector that uses a different UDP port. This attack still allows the 
malicious packets to reach the vulnerable Workstation Service. An attacker who successfully exploits the weakness could 
run any code of choice on the vulnerable machine. An attacker doesn't have to individually address computers on the 
network, but can broadcast an attack. Such a tactic could actually create a worm that spreads faster than the SQL 
Slammer worm did last year. Microsoft urged customers to apply the patch. "Applying the patch does correct the 
problem," said Iain Mulholland, a security program manager for Microsoft. 
Source: http://www.eweek.com/article2/0,4149,1408902,00.asp


--

Doug Pearson; Indiana University; dodpears () indiana edu
Phone: 812-855-3846; ViDeNet: 0018128553846
PGP: http://mypage.iu.edu/~dodpears/dodpears_pubkey.asc

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.