Microsoft Corp is attempting to plug a glaring hole in some versions of its Windows software, a weakness similar to those exploited by the devastating "Blaster" and "Sasser" attacks, a security expert said.
The patch, included in the company's monthly security bulletin, fixes a hole that could allow hackers to take complete control of computer systems, Microsoft said.
The problem is most serious on Windows 2000 systems, which could be accessed remotely through the operating system's "Plug and Play" hardware detection feature.
Windows Server 2003 and Windows XP systems with major security updates are less vulnerable, but still could be affected by certain remote users or those within local systems, the company said.
Marc Maiffret, chief hacking officer for eEye Digital Security, said on Tuesday that the hole resembled weaknesses that allowed the "Blaster" and "Sasser" worms to infect hundreds of thousands of computers worldwide.
"This is the type of vulnerability that's been exploited many times, and those two worms are the biggest examples because they had the biggest impact," Maiffret said.
Microsoft rated the patch "critical," its most serious designation, for Windows 2000. Two other upgrades in this month's bulletin also received the critical rating.
The flaw's less-serious effect on Windows XP systems suggests the company may have tried to address the problem, but left users with older software mostly unprotected, Maiffret said.
"This bug has existed in code that's over four years old," he said. "It can't be the first time that somebody finally looked at it."
Improved security can be expected on newer software, but Microsoft said a wider hole in Windows 2000 doesn't signal any effort to avoid fixing problems with the older software.
BUILDUP: US General Dan Caine said Chinese military maneuvers are not routine exercises, but instead are ‘rehearsals for a forced unification’ with Taiwan China poses an increasingly aggressive threat to the US and deterring Beijing is the Pentagon’s top regional priority amid its rapid military buildup and invasion drills near Taiwan, US Secretary of Defense Pete Hegseth said on Tuesday. “Our pacing threat is communist China,” Hegseth told the US House of Representatives Appropriations Subcommittee on Defense during an oversight hearing with US General Dan Caine, chairman of the Joint Chiefs of Staff. “Beijing is preparing for war in the Indo-Pacific as part of its broader strategy to dominate that region and then the world,” Hegseth said, adding that if it succeeds, it could derail
CHIP WAR: The new restrictions are expected to cut off China’s access to Taiwan’s technologies, materials and equipment essential to building AI semiconductors Taiwan has blacklisted Huawei Technologies Co (華為) and Semiconductor Manufacturing International Corp (SMIC, 中芯), dealing another major blow to the two companies spearheading China’s efforts to develop cutting-edge artificial intelligence (AI) chip technologies. The Ministry of Economic Affairs’ International Trade Administration has included Huawei, SMIC and several of their subsidiaries in an update of its so-called strategic high-tech commodities entity list, the latest version on its Web site showed on Saturday. It did not publicly announce the change. Other entities on the list include organizations such as the Taliban and al-Qaeda, as well as companies in China, Iran and elsewhere. Local companies need
CRITICISM: It is generally accepted that the Straits Forum is a CCP ‘united front’ platform, and anyone attending should maintain Taiwan’s dignity, the council said The Mainland Affairs Council (MAC) yesterday said it deeply regrets that former president Ma Ying-jeou (馬英九) echoed the Chinese Communist Party’s (CCP) “one China” principle and “united front” tactics by telling the Straits Forum that Taiwanese yearn for both sides of the Taiwan Strait to move toward “peace” and “integration.” The 17th annual Straits Forum yesterday opened in Xiamen, China, and while the Chinese Nationalist Party’s (KMT) local government heads were absent for the first time in 17 years, Ma attended the forum as “former KMT chairperson” and met with Chinese People’s Political Consultative Conference Chairman Wang Huning (王滬寧). Wang
CROSS-STRAIT: The MAC said it barred the Chinese officials from attending an event, because they failed to provide guarantees that Taiwan would be treated with respect The Mainland Affairs Council (MAC) on Friday night defended its decision to bar Chinese officials and tourism representatives from attending a tourism event in Taipei next month, citing the unsafe conditions for Taiwanese in China. The Taipei International Summer Travel Expo, organized by the Taiwan Tourism Exchange Association, is to run from July 18 to 21. China’s Taiwan Affairs Office spokeswoman Zhu Fenglian (朱鳳蓮) on Friday said that representatives from China’s travel industry were excluded from the expo. The Democratic Progressive Party government is obstructing cross-strait tourism exchange in a vain attempt to ignore the mainstream support for peaceful development
RSS