Hackers poised to exploit serious MS Web server hole

Microsoft is urging systems administrators and security managers to download a patch for a security flaw in its Web server...

Microsoft is urging systems administrators and security managers to download a patch for a security flaw in its Web server software. Just days after the company posted the patch on its Web site, a hacker has posted a program on the Internet that exploits the hole.

The hacker, using the name "Dark Spyrit", released the program that is designed to exploit the security hole. It allows someone with limited technical knowledge to exert complete control over a Windows 2000 server running version 5 of Microsoft's Internet Information Server (IIS) Web software.

Microsoft said that the security hole was an "extremely serious" flaw. The vulnerability, which is caused by an unchecked buffer in an extension that provides support for Internet printing capabilities within Windows 2000, was uncovered and reported to Microsoft by security vendor eEye.

Marc Maiffret, eEye's chief hacking officer, said an attacker could gain system-level access to servers, enabling them to view all files and execute any commands, and warned the threat was just as acute to a Fortune 100 company as a small operator.

Maiffret also predicted that instructions to take advantage of the hole would be "developed and shared by would-be attackers" within a matter of days.

"There are at least a million Web servers sitting on the Internet that, within a few minutes, you can get system level access to," he added.

A spokesman for Microsoft said the emergence of the code came as no surprise. "Customers who have applied the patch don't have to worry. Customers who haven't applied the patch should take this as a reminder to do so immediately."

Stuart Finlayson



Enjoy the benefits of CW+ membership, learn more and join.

Read more on Antivirus, firewall and IDS products



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:




  • Dissecting the Hack

    In this excerpt from chapter three of Dissecting the Hack: The V3RB0TEN Network, authors Jayson E. Street, Kristin Sims and Brian...

  • Digital Identity Management

    In this excerpt of Digital Identity Management, authors Maryline Laurent and Samia Bousefrane discuss principles of biometrics ...

  • Becoming a Global Chief Security Executive Officer

    In this excerpt of Becoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders, ...