Exploit targets Microsoft's latest Windows patch

Windows XP and Windows Vista systems can be exploited if they haven't been updated with Redmond's first patch of 2008, says security firm.

If you needed further proof that you should always patch Microsoft Windows when Microsoft tells you to do so, there's an exploit that will target Windows XP and Windows Vista systems lacking Microsoft's first patch of 2008.

Security firm Immunity has provided its customers a workable exploit of the TCP/IP (Transmission Control Protocol/Internet Protocol) vulnerability. This is standard practice for subscribers to see whether their system is vulnerable to an attack. However, the presence of an exploit (even one provided under contract) increases the likelihood that someone may offer it or something like it for free on the Internet.

Details of the exploit remain hidden behind a registration system, but a public video is available.

A successful exploit could allow an attacker to take complete control of an affected system and, according to Microsoft, "install programs; view, change, delete data; or create new accounts with full user rights."

If you haven't updated your system with the latest Microsoft patches, you can download MS08-001 here, or update your whole system here.

Featured Video

Why do so many of us still buy cars with off-road abilities?

Cities are full of cars like the Subaru XV that can drive off-road but will never see any challenging terrain. What drives us to buy cars with these abilities when we don't really need them most of the time?

by Drew Stearne