Shortly after Microsoft released the MS05-051 security
bulletin in October, on November 27th, a proof of concept
(POC) was released against systems vulnerable to MS05-051. Any
malicious attackers getting the POC can rewrite the program
and develop exploits. New outbreak worms exploiting MS05-051
may appear in a very near future.
MS05-051 concerns the Microsoft Distributed Transaction
Coordinator (MSDTC), which is a component that is usually used
by database software in order to manage transactions. BSST
(Broadweb Security Service Team) found that MSDTC
vulnerabilities have many characteristics that are similar to
the MS05-039 PnP vulnerability, which was notorious for
causing Zotob worm. “The MSDTC vulnerability is not difficult
to exploit. What’s worse, the MSDTC service is run by default
on Windows 2000”, said Eddie Chen, Director of Broadweb
Security Service Division.
BSST has released the countermeasure signature in pattern
version 3.26, which includes:
# 1052244_EXPLOIT MS Distributed Transaction Coordinator
(MS05-051)
NetKeeper users are urged to upgrade their signature
patterns to version 3.26 or later and apply the patch
(http://www.microsoft.com/technet/security/Bulletin/MS05-051.mspx)
as well in order to thwart attacks or potential future worms
that exploit MSDTC service vulnerability.
Broadweb Security Service Team (BSST) - Empower Your
Network Security
Broadweb NetKeeper Intruder Prevention System delivers
the protection against intrusion, worms, DDOS, Instant
messaging, P2P , Web-Mail, and Web
Post. | 