Today can reasonably be called "Exploit Wednesday" because invariably, those with details of vulnerabilities wait less than 24 hours before releasing loads of technical information, which means somebody somewhere simply cannot resist the urge to immediately write exploit code.
Be advised that detailed exploit code has been posted for the vulnerabilities covered by Microsoft Security Bulletins MS05-002, " Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711) ." So it's probably only a "matter of daze" before the exploit code is used to unleash various forms of malware, including worms, viruses, Trojans, new forms of spyware, new spam tactics, and who knows what else.
The exploit code was published less than 24 hours after the patch became available, which no doubt means that most businesses and individuals have not even had a chance to install that patch. The exploit was published by at least one group that thinks of itself as a security solutions provider. Wishful thinking?
End of Article
You must be a registered user or online subscriber to comment on this article. Please log on before posting a comment. Are you a new visitor?
Register now
Let Your Users Reset Their Own Passwords: Free Download Try a 30 day free trial of Desktop Authority Password Self-Service – it provides an easy-to-use, robust system for allowing users to reset their own forgotten passwords or locked accounts.
Get Windows IT Pro & Mark Minasi’s Favorite Power Tools Guide Order Windows IT Pro now and get "More of Mark Minasi's Favorite Power Tools"--a in-depth guide to the most useful Windows commands --FREE with your paid order! Subscribe today, and save 58% off the cover price!
Deep Dive into VMware vSphere, eLearning Series Join John Savill to explore the major functionality capabilities of the vSphere virtualization platform, including identification of the changes from ESX 3.5.
Register
