Code on web exploits Microsoft server flaw


Code on web exploits Microsoft server flaw

Antony Savvas

Rogue code has been posted on the internet that could exploit a flaw in unpatched Microsoft Host Integration Servers.

The exploit forms part of Metasploit, a toolkit used by penetration testers and criminal hackers.

This Tuesday, Microsoft issued security bulletin MS08-059 to address the vulnerability posed to host servers.

Microsoft said the the vulnerability could allow remote code execution "if an attacker sent a specially crafted remote procedure call request to an affected system".

Redmond said the patch was a priority for system administrators. The rogue code could, however, be used by hackers before some organisations have time to check the suitabality of the patch for their systems.


COMMENTS powered by Disqus  //  Commenting policy