Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Code for MSBlast variant posted online

Feb 17, 2004 9:24AM PST

A French website has posted exploit code for a critical vulnerability affecting Windows XP, NT, 2000, and Server 2003, only four days after Microsoft released a patch for the flaw on February 10, 2004. Microsoft urged users to apply the patch quickly, since it could be used to develop a worm similar to MS-Blast. According to Jay Heiser, chief analyst at TruSecure, the code circulating on the Web contains a payload for a distributed denial of service attack, but since it exploits a buffer overflow, can be used to engineer a more sophisticated attack. Computers that apply the patch should not be affected, but enough unpatched computers can cause havoc for the Internet as a whole.

http://news.zdnet.co.uk/internet/security/0,39020375,39146606,00.htm

Discussion is locked