An exploit has been unleashed onto the internet to take
advantage of a critical flaw in Windows that was patched by
Microsoft this week.
It targets the MSDTC vulnerability within Windows, which was
patched last Tuesday by Microsoft. There are fears that a threat
similar to the recent Zotob worm is about to start attacking
unpatched machines.
Once a patch is released, hackers are able to see where the
weakness in the operating system occurs. Users then need to race
against the clock to test and install the patch onto their systems
before an attack occurs.
Symantec reported the appearance of the exploit, which is now
potentially available to hackers, and predicted others would soon
follow.
The Zotob worm took advantage of a vulnerability in Microsoft’s
Plug and Play feature in Windows 2000, after the company released a
patch to the problem earlier this year.
The MSDTC component helps co-ordinate transactions on multiple
servers and is enabled by default. It can be exploited remotely on
Windows 2000 systems, which are still used widely in enterprises,
despite Microsoft having ended support for the operating
system.