Tuesday, September 19, 2006

Problems, problems, problems but nobody seems to worry about it!

An ActiveX vulnerability has been acknowledged by Microsoft in a recent Security Advisory. This issue was originally made public on September 13th. Exploit code is available but exploitation in the wild has yet to be detected. User interaction like surfing to a malicious website is needed for an attack to succeed. Last Tuesday Microsoft released three Security Bulletins and updated bulletins MS06-040 and MS06-042. One of the newly patched vulnerabilities, MS06-052 Vulnerability in Pragmatic General Multicast (PGM) Could Allow Remote Code Execution, can be remotely exploited without user interaction. However only Windows XP systems that have the non default Microsoft Queuing Service (MSMQ) installed are vulnerable. Because I continue to receive reports from some customers dealing with bots that exploit MS06-040. It's still a problematic period however nobody seems to be really aware of it. It seems that if the press is not taking up the new things, problems may seem to pass by with no dramatic payload. I'm warning everybody that I still see a lot of problems out there and this example is just one of them. Customers, home users and corporates will face more and more problems it they not counter these problems today!