[Update 05/06/2004] As anticipated, a worm was created and released based off the code linked below. If you run windows XP and have not already done so, update your machine. For more details on the worm see Symantec
Greetings and welcome to the next episode of Who Wants to be Compromised. Today we have received word from Microsoft that multiple flaws exist in many versions of windows and Microsoft based applications. These flaws include LSASS, LDAP, PCT, Winlogon, Metafile, The Help and Support Center, The Utility Manager, Windows Management (WMI), Local Descriptor Table, H.323, The Virtual DOS Machine, SSP, SSL, and ASN.1 “Double Free” vulnerabilities. Keep in mind that these are new flaws so you need to download new patches if would like your windows based machines to remain under your control. Also note that various security experts have already sighted signs of an upcoming internet worm that exploits some of the vulnerabilities listed above.
Click here to download the Patch
Click here to download the proof of concept / exploit for SSL
Click here to download the proof of concept / exploit for Lsasrv.dll RPC buffer overflow
Comments (0)
Topsight.net
http://www.topsight.net/article.php/20040423174515889