Exploit targets Microsoft's latest Windows patch

Windows XP and Windows Vista systems can be exploited if they haven't been updated with Redmond's first patch of 2008, says security firm.

If you needed further proof that you should always patch Microsoft Windows when Microsoft tells you to do so, there's an exploit that will target Windows XP and Windows Vista systems lacking Microsoft's first patch of 2008.

Security firm Immunity has provided its customers a workable exploit of the TCP/IP (Transmission Control Protocol/Internet Protocol) vulnerability. This is standard practice for subscribers to see whether their system is vulnerable to an attack. However, the presence of an exploit (even one provided under contract) increases the likelihood that someone may offer it or something like it for free on the Internet.

Details of the exploit remain hidden behind a registration system, but a public video is available.

A successful exploit could allow an attacker to take complete control of an affected system and, according to Microsoft, "install programs; view, change, delete data; or create new accounts with full user rights."

If you haven't updated your system with the latest Microsoft patches, you can download MS08-001 here, or update your whole system here.

Tags:
Security
About the author

    As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

     

    Join the discussion

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    HOT ON CNET

    Delete your photos by mistake?

    Whether you've deleted everything on your memory card or there's been a data corruption, here's a way to recover those photos.