Spyware, Viruses, & Security forum

General discussion

NEWS - November 16, 2006

by Marianna Schmudlach / November 16, 2006 7:26 AM PST

Exploits Surface For Critical Microsoft Bug

Both proof-of-concept exploit code and a public exploit have popped up for the bug fixed in MS06-070, a security update that patched Windows 2000's and Windows XP's Workstation Service.

By Gregg Keizer

Nov 16, 2006 03:36 PM

Just two days after Microsoft patched 13 vulnerabilities, programmers have crafted working exploits against a pair of bugs, one of them dubbed critical, security researchers said Thursday.

Both proof-of-concept exploit code and a public exploit have popped up for the bug fixed in MS06-070, a security update that patched Windows 2000's and Windows XP's Workstation Service, a routing service used by the operating system to determine if file or print requests originate locally or remotely. Microsoft pegged MS06-070 with its "critical" ranking, the highest threat warning it assigns updates.

"We've confirmed exploit code from two different sources," said Amol Sarwate, the manager of Qualys' vulnerability lab. "The window [of time] to exploit is definitely shrinking."


Discussion is locked
You are posting a reply to: NEWS - November 16, 2006
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - November 16, 2006
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Microsoft Keeps Software Update Services Alive Until July
by Marianna Schmudlach / November 16, 2006 7:28 AM PST

SUS was to be dropped on Dec. 6, about a week before next month's regularly scheduled security releases. Now, SUS will be kept on life support until July 10.

By Gregg Keizer

Nov 16, 2006 01:14 PM

Just weeks before it was slated to retire Software Update Services, Microsoft announced that it has extended the life of the aged patching software by seven months.

SUS was to be dropped on Dec. 6, about a week before next month's regularly scheduled security releases; corporate users were to have moved on to the newer Windows Server Update Services by then. Now, however, SUS will be kept on life support until July 10.

"In response to customer feedback, and to provide customers with additional time to migrate off Software Update Services 1.0, we've gone ahead and announced an extension," said Mike Reavy, program manager with the Microsoft Security Response Center (MSRC), on the group's blog.


Collapse -
Worm uses Real Media files to infect
by Marianna Schmudlach / November 16, 2006 7:29 AM PST

Dan Kaplan Nov 16 2006 20:22
McAfee is warning of a new worm that modifies Real Media files and launches a malicious website without a user prompt.

Once the page is open, the worm can spread over network drives and shared files to "download whatever the (malware) author wants to download," Craig Schmugar, threat researcher with McAfee Avert Labs, told SCMagazine.com on Wednesday.

The worm initially infects a user's PC when he or she is duped into downloading an executable that scans the system for RMVB (Real Media Variable Bitrate) files to target, he said.

While McAfee has seen only localized outbreaks of the worm, particularly in the Far East, users should exercise caution when playing seemingly safe video files, Schmugar said. The problem is further exacerbated by the rise of peer-to-peer file sharing.


Collapse -
Experts raise Windows security alarm
by Marianna Schmudlach / November 16, 2006 7:32 AM PST

By Joris Evers
Staff Writer, CNET News.com

Published: November 16, 2006

Computer code that exploits a "critical" Windows 2000 vulnerability has been released on the Internet, increasing the likelihood of attacks, experts warned Thursday.

The code takes advantage of a security hole in a key operating system component that routes file system and print requests called the "Workstation Service." On Windows 2000 systems, the flaw could be exploited via the Net by an anonymous attacker without any user interaction, raising the possibility of the arrival of a Zotob-like worm.

"Somebody could write a piece of code that targets Windows 2000, and that replicates itself, and then you would have a worm go around the Internet," said Monty IJzerman, senior manager in McAfee's Global Threat Group.


Collapse -
Apple's Mac Computers Attracting More Buyers And Hackers
by Marianna Schmudlach / November 16, 2006 7:36 AM PST



Apple Computer (AAPL) users have been spared from the viruses, worms and spyware that have plagued computers running Microsoft (MSFT)Windows.

But they shouldn't get too smug about it.

Hacker interest in attacking Apple's Macintosh has been on the rise, according to security software maker McAfee. (MFE)

McAfee found that vulnerabilities for the Macintosh went up 228% from 2003 to 2005 vs. a 78% increase for Microsoft Windows.

The Windows increase came off a much larger base ? in sheer numbers, its vulnerabilities dwarfed those on the Macintosh. But Apple users should heed the warning.


Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?