Hackers poised to exploit serious MS Web server hole

Microsoft is urging systems administrators and security managers to download a patch for a security flaw in its Web server...

Microsoft is urging systems administrators and security managers to download a patch for a security flaw in its Web server software. Just days after the company posted the patch on its Web site, a hacker has posted a program on the Internet that exploits the hole.

The hacker, using the name "Dark Spyrit", released the program that is designed to exploit the security hole. It allows someone with limited technical knowledge to exert complete control over a Windows 2000 server running version 5 of Microsoft's Internet Information Server (IIS) Web software.

Microsoft said that the security hole was an "extremely serious" flaw. The vulnerability, which is caused by an unchecked buffer in an extension that provides support for Internet printing capabilities within Windows 2000, was uncovered and reported to Microsoft by security vendor eEye.

Marc Maiffret, eEye's chief hacking officer, said an attacker could gain system-level access to servers, enabling them to view all files and execute any commands, and warned the threat was just as acute to a Fortune 100 company as a small operator.

Maiffret also predicted that instructions to take advantage of the hole would be "developed and shared by would-be attackers" within a matter of days.

"There are at least a million Web servers sitting on the Internet that, within a few minutes, you can get system level access to," he added.

A spokesman for Microsoft said the emergence of the code came as no surprise. "Customers who have applied the patch don't have to worry. Customers who haven't applied the patch should take this as a reminder to do so immediately."

Stuart Finlayson



Enjoy the benefits of CW+ membership, learn more and join.

Read more on Antivirus, firewall and IDS products

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.