Exploit code for security bugs in Microsoft’s Windows operating system is circulating, security experts have warned.
The SANS Internet Storm Centre warned that exploit code for two critical security flaws and one serious vulnerability were “publicly available”.
Microsoft issued fixes for the vulnerabilities earlier this month in security bulletins MS06-034, MS06-035 and MS06-036, as part of its regular monthly patching cycle.
MS06-035 patched critical flaws in Windows’ Server Service, with MS06-36 tackling a bug in the DHCP Client service. Microsoft warned that the critical flaws could allow remote code execution by attackers.
MS06-034 was issued to prevent remote attackers from commandeering web servers, by exploiting a “serious” vulnerability.
Microsoft later updated the patch to iron out two problems with the patches reported by users.
In a posting on its website, the SANS Internet Storm Centre advised, “If you haven't already patched for these vulnerabilities you should take immediate action.”
Vote for your IT greats
Who have been the most influential people in IT in the past 40 years? The greatest organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?
Vote now at: www.computerweekly.com/ITgreats