Windows 2000 Exploit Code Released
Apply those MS04-019 and MS04-022 security patches as needed.
Less than a week after Microsoft released a fix for an ''important'' privilege elevation vulnerability in the Windows 2000 Utility Manager feature, hackers have reverse-engineered the patch and released the code that could lead to an exploit.
Microsoft confirmed that the vulnerability could allow a logged-on user to misuse the Utility Manager to start an application with system privileges and take control of the system.
''An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges,'' the company warned.
The availability of exploit code increases the risk of viruses and worms targeting the Windows 2000 OS family, which is installed on the majority of enterprise desktops in the United States.
It also highlights the patch management conundrum faced by the software giant as it struggles to cope with the speed with which hackers create and release malicious exploits. According to Microsoft statistics, an exploit for the Code Red and Nimda worms was released 331 days after a patch was made available. In the case of the Slammer worm, exploit code was available in 180 days while the Blaster worm exploit was ready in just 25 days.
The SANS Internet Storm Center also detected another exploit targeting the MS04-022 flaw. The center did not provide any additional information.
The MS04-022 advisory patches a buffer overflow in the Windows Task Scheduler feature that could lead to system hijack. Affected products include Windows 2000 and Windows XP. The Windows NT Workstation and Windows NT Server operating systems are not affected by default.
As with the MS04-019 vulnerability, this flaw also allows attackers to hijack affected systems, install programs, view, change, or delete data with full privileges.
Late Monday, Microsoft released an update to MS04-022 patch to provide an additional workaround to prevent the possibility of an attack.
This article was first published on internetnews.com.