Ubizen Warns Of Second Vulnerability Post-Blaster – With No Patch

Ubizen, Europe’s leading managed security service provider (MSSP), is warning its customers of a second critical vulnerability in versions of Microsoft Windows. This warning follows ongoing alerts regarding a worm, nicknamed Blaster, that is infecting computer users across the world taking advantage of a similar hole in Microsoft’s software, more specifically, the RPC service. However, unlike the hole exploited by the Blaster worm, Microsoft has not yet issued a patch. Microsoft Windows 2000 systems that installed the Microsoft patch to counter the Blaster worm are still vulnerable to this second vulnerability. Other Windows releases are not susceptible to this second vulnerability.

The latest vulnerability is located in the part of RPC that deals with message exchange over TCP/IP. Through this vulnerability, remote attackers could take down affected systems by sending malformed data to the RPC service. Such a Denial-of-Service attack would be manually targeted by an attacker towards one or more specific targets, as opposed to a worm like Blaster – a type of computer virus that distributes itself via the internet to numerous other computer systems, and from every infected system then randomly starts to look for computers that have not been patched for security holes. Once found, the story starts all over.

Several exploit tools have already been found “in the wild” that allow a remote attacker to cause such a targeted Denial-of-Service attack.

It is unlikely that a worm that uses code to exploit this second vulnerability will arise, as it is very hard to implement. Remote attackers would not be able to execute commands on affected systems – however, local attackers could.

About Ubizen Ubizen is the principal provider of Managed Security Solutions for global businesses. Companies rely on Ubizen OnlineGuardian(r) services to manage, monitor and support security devices 24x7x365. Ubizen’s Professional Services complement Ubizen OnlineGuardian managed services, by helping enterprises plan and implement security policies and infrastructures. Ubizen is also pioneering solutions for Application Security. For more information visit www.ubizen.com