Computer code that exploits a critical new software vulnerability in the Windows XP and Windows 2000 operating systems is circulating on the Internet, according to security experts. Two examples of "exploit" code for a buffer overrun in the Windows Workstation Service were posted to security-related Internet discussion groups on Friday and Saturday. Both exploits have been tested and work, according to Dan Ingevaldson, director of X-Force at Internet Security Systems.
The Workstation Service vulnerability was disclosed by Microsoft in Security Bulletin MS03-049, which was released on November 11. The service is turned "on" by default in Windows 2000 and Windows XP systems and allows computers on a network to connect to file servers and network printers, Microsoft said.
Both the CERT Coordination Center at Carnegie Mellon University and ISS issued advisories last week regarding the Workstation Service vulnerability, warning that it was easy to exploit and well suited to use by self-spreading Internet worms.
View: The full story
News source: PCWorld.com