Security managers’ headaches only get worse when the ‘zero day’ time between a vulnerability being disclosed and an exploit being released gets shorter and shorter.
Last week, the time lag was squeezed even further when an exploit that takes advantage of a critical vulnerability in Microsoft’s Windows 2000 software was detailed just a day after the flaw was disclosed.
Miami-based security research firm Immunity released a proof-of-concept exploit taking advantage of a flaw in the Microsoft Distributed Transaction Coordinator (MSDTC) service within the Windows 2000 operating system. The flaw, described as “highly wormable,” allows attackers to take complete administrative control of Windows 2000 servers.
I suppose a security research firm issuing a ‘proof-of-concept’ is marginally better than a ne’er-do-well releasing a ‘real’ exploit, but the feeling persists that these ‘research’ firms feast on security vulnerabilities like piranhas. It’s not just Microsoft that’s recently been on the receiving end, as another of the parasitic firms, a little too gleefully it seems, publicly releases its next exploit.
The impression is of a rather distasteful feeding-frenzy, which we could all do without.