Galaxy S23 Leak ChatGPT and Bing Father of Big Bang Theory 'The Last of Us' Recap Manage Seasonal Depression Tax Refunds and Identity Theft Siri's Hidden Talents Best Smart Thermostats
Want CNET to notify you of price drops and the latest stories?
No, thank you

Attack code comes on heels of Microsoft patches

Just a day after patches for vulnerabilities are released, code designed to exploit those weaknesses appears on Net.

Just a day after Microsoft released patches for vulnerabilities in some of its software, code designed to take advantage of those weaknesses appeared on the Internet.

Most of the patches that Microsoft issued were for flaws that were widely known. But at least two flaws were made public for the first time on Tuesday as part of the company's monthly security update.

Security firms reported finding the code on Wednesday. The exploit code for previously unknown flaws means hackers could use the code to pounce on computer systems with managers who are slow to apply patches.

"Microsoft is aware that detailed exploit code was published on the Internet for some of the vulnerabilities," the software maker said in a statement. "With the exception of MS06-027 (the Word malware that began circulating last month), Microsoft is not currently aware of any active attacks utilizing this exploit code...the exploit code does not affect users who have installed all June security updates."

In all, Microsoft issued patches for 21 flaws in its security update, saying all but two of them could let an intruder run malicious code on a compromised computer.

Some of the exploits that appear on the Web are for "critical" flaws in Windows Media Player and for "routing and remote access." The SANS Internet Storm Center reported that two exploits were for the "routing and remote access."

VeriSign's iDefense team also announced that it had developed a "proof of concept" exploit code for a security hole in the ".art" file, a file type used often for AOL services and Web sites, according to iDefense.