An exploit has been unleashed onto the internet to take advantage of a critical flaw in Windows that was patched...
by Microsoft this week.
It targets the MSDTC vulnerability within Windows, which was patched last Tuesday by Microsoft. There are fears that a threat similar to the recent Zotob worm is about to start attacking unpatched machines.
Once a patch is released, hackers are able to see where the weakness in the operating system occurs. Users then need to race against the clock to test and install the patch onto their systems before an attack occurs.
Symantec reported the appearance of the exploit, which is now potentially available to hackers, and predicted others would soon follow.
The Zotob worm took advantage of a vulnerability in Microsoft’s Plug and Play feature in Windows 2000, after the company released a patch to the problem earlier this year.
The MSDTC component helps co-ordinate transactions on multiple servers and is enabled by default. It can be exploited remotely on Windows 2000 systems, which are still used widely in enterprises, despite Microsoft having ended support for the operating system.