Attack code out for 'critical' Windows flaw

By Joris Evers
Posted on ZDNet News: Jan 17, 2007 1:09:00 AM

Computer code that exploits a security vulnerability in Windows has been published on the Internet, making it more urgent for users of the operating system to patch.

The attack code exploits a flaw in the way Windows handles Vector Markup Language, or VML, documents, which are used for a type of high-quality graphic on the Web. The bug lies in a Windows component called "vgx.dll" that supports these files.

Microsoft provided a fix for the flaw last week with security bulletin MS07-004. At the time, the company warned that it had already seen limited cyberattacks exploiting the vulnerability. However, attack code hadn't been available publicly. On Tuesday, exploit code was published to a widely-read online security forum.

"Microsoft is aware that detailed exploit code was published on the Internet that may take advantage of the vulnerability addressed by Microsoft security bulletin MS07-004," a company representative said in a statement. "Microsoft encourages all customers to apply the most recent security updates."

Prior to the public posting of the exploit, other code that takes advantage of the flaw had been made available to users of a security testing tool made by Immunity. However, these attack blueprints are private, supplied to people who pay for the tool.

Functionality of the public exploit code appears to be limited, Symantec said in an alert to users of its DeepSight security intelligence service Tuesday. Symantec was unable to get the exploit to work on English language versions of Windows XP and Windows 2000, the company said. Still, the exploit could provide a starting point for other hackers, Symantec said.

"The author has posted the exact location of the flaw, shown in a screen shot from a binary analyzer, increasing the likelihood of other exploits being developed," according to the Symantec alert.

The VML flaw is similar to a bug for which Microsoft rushed out a fix in September after Windows users came under attack. The vulnerability can be exploited by tricking a user into viewing a malicious VML file on a Web site with Internet Explorer.

All recent versions of Windows are vulnerable when all recent versions of IE, including IE 7, are in use, according to Microsoft. The exception is Windows Vista, which is not impacted, the software maker said. Microsoft's patches are distributed via Automatic Updates and on the company's Microsoft Update downloads Web site.

SponsoredWhite Papers, Webcasts, and Downloads

The True Costs of Virtual Server Solutions VMware Discover ways to streamline and simplify your assessment of the total acquisition costs of a server virtualization environment. Download Now
Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the high cost of maintaining or building ever-larger data centers? Get the facts you need to formulate your Virtualization Action Plan. Download Now

Talkback
Most Recent of 76 Talkback(s)

Thread View
Flat View

Attack code out...: Loverock, you are consistent. Always rushing to the defense of MS. Is there anything that they can't do wrong?... (Read the rest); Posted by: rondev Posted on: 02/02/07 You are currently: a Guest | Log in | Terms of Use

Oh my god, I am starting to cry! Poor Microsoft again a victim of their DonnieBoy | 01/16/07

Oh, sorry, if you read the EULA, you, the valuable customer are resoponible DonnieBoy | 01/16/07

I give this a 5..0 on the ... Confused by religion | 01/16/07

Hey, I clearly articulated how end users have no rights or recourse DonnieBoy | 01/17/07

a 9.9? You can't be serious... Badgered | 01/17/07

Ok, I humbly accept your honest appraisal. I will work in phone calls with DonnieBoy | 01/17/07

Well Badgered | 01/17/07

I Give It A 10 booshcat | 01/18/07

No rights or recourse??? Cayble | 01/17/07

unless Alzie | 01/18/07

Hey, I like my Gloat-o-Meter Chad_z | 01/17/07

Place it right next to your dumb-o-meter. No_Ax_to_Grind | 01/17/07

Hypocrisy Jack-Booted EULA | 01/17/07

So between the two of you Shelendrea | 01/17/07

Please, keep your families No_Ax_to_Grind | 01/17/07

But that place has and alway will be Hrothgar - PCLinuxOS User | 01/17/07

Now I understand .... jschott@... | 01/17/07

Hi buddy, BregS | 01/16/07

I guess you missed No_Ax_to_Grind | 01/17/07

"Vista not impacted"... Mike Cox | 01/16/07

nah, ya MS shill drew30319 | 01/16/07

LOL Shelendrea | 01/17/07

Gee...I didn't know... Cayble | 01/17/07

LOL....5.1 mdsmedia | 01/16/07

Vista is doing well... mrmckeb@... | 01/17/07

I would hope so BitTwiddler | 01/17/07

No...you haven't been listening to the WIndows haters very well. Cayble | 01/17/07

Yummm shallow_diver | 01/17/07

Not impacted here GoatTuber | 01/17/07

8.8 Badgered | 01/17/07

Definitly... Wolfie2K3 | 01/17/07

Hook, line, sinker flatliner | 01/17/07

Maybe Microsoft released the exploit code . . . critic-at-arms | 01/17/07

"Vista not impacted"... tracy anne | 01/18/07

Vista can be infected with tihs as well. Mercat | 01/21/07

Attack code out for 'critical' Windows flaw Loverock Davidson | 01/16/07

once again...reading for comprehension 101, Lovey mdsmedia | 01/16/07

Read it pretty clearly Loverock Davidson | 01/17/07

Clarification Badgered | 01/17/07

Attack code out... rondev | 02/02/07

i know that binary analyzer cleartext | 01/17/07

You have won! davedufour | 01/17/07

True mames1701 | 01/17/07

What version of Linux are you running 0.9? Linux User 147560 | 01/17/07

I dumped windows Hrothgar - PCLinuxOS User | 01/17/07

Bill Gattes didn't even graduate College. nomorems | 01/17/07

Perhaps Badgered | 01/17/07

Wait just a minute............ Badgered | 01/17/07

Attack code out for 'critical' Windows flaw sassen | 01/17/07

It's really a critical "Internet Explorer" flaw WiredGuy | 01/17/07

So, are you saying.... techboy_z | 01/17/07

Or, Jambalaya Breath | 01/17/07

OHH MY FRIGGIN GAWD!!! Hard Cider | 01/17/07

Then hurry and install the Apple patchs No_Ax_to_Grind | 01/17/07

Yup - Apple is much better at stopping threats from becoming reality. nomorems | 01/17/07

Naw, no one bothers writing hacks for a OS No_Ax_to_Grind | 01/17/07

That's possible ... Jambalaya Breath | 01/17/07

Ya, great, we will be sure... Cayble | 01/17/07

Good thing im running Vista.... JoeMama_z | 01/17/07

big HUGE yawn Shelendrea | 01/17/07

Like that means much... Wolfie2K3 | 01/17/07

There you go using common sense... No_Ax_to_Grind | 01/17/07

No actually Linux User 147560 | 01/17/07

*BLUSH* Shelendrea | 01/19/07

pfft Badgered | 01/19/07

Guess I'm Lucky mames1701 | 01/17/07

of course Badgered | 01/17/07

and after a month or 2? You might like to try a hirez | 01/17/07

so what... andyILM | 01/17/07

IE is a critical flaw sweklaweklfwe@... | 01/17/07

Ha! You should learn how to use a computer!! Cayble | 01/17/07

Here's your Koolaid smokeyboy03801@... | 01/17/07

sloppy reporting NDeBord | 01/17/07

MS should just send the military after the posters Boot_Agnostic | 01/18/07

Fortunately, in this Reality... Zogg | 01/20/07

Bow before Zogg Boot_Agnostic | 01/20/07

What do you think?

White Papers, Webcasts, and Downloads

The True Costs of Virtual Server Solutions VMware Discover ways to streamline and simplify your assessment of the total acquisition costs of a server virtualization environment. Download Now
Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the high cost of maintaining or building ever-larger data centers? Get the facts you need to formulate your Virtualization Action Plan. Download Now