Hackers exploit latest Windows flaw!

[Dashken]

Quote:

Attackers have created exploits that use flaws in Microsoft Windows for which Redmond released patches only last Tuesday.

The exploits are proofs of concept, meaning they demonstrate the flaw without causing any harm. But attackers can use the concept code to create their attacks.

The French Security Incident Response Team (FrSIRT) published details about the first exploit on Wednesday. The code demonstrates how a specially created BMP image file in the Windows Media Player could allow an attacker to run arbitrary code on victim PCs.

Microsoft on Tuesday patched the vulnerability as part of its monthly patch release cycle. It rated the flaw a "critical".

Online criminals have significantly increased the speed at which they exploit newly published security flaws in software in an effort to infect systems before users update.

Such attacks typically aim to steal confidential information such as credit card information or seek to recruit new computers for botnets that are rented out to send spam and launch online extortion schemes including distributed denial of service attacks.

Source: http://www.vnunet.com/vnunet/news/21...exploit-latest