Exploits Attacking Windows Server Service

LURHQ reports that two exploits are on the loose the take advantage of vulnerabilities in the Windows Server Service. The exploits install bot software onto affected systems and connect the systems to IRC channels where the systems can then be remote controlled.

Microsoft released Security Bulletin MS06-040, "Vulnerability in Server Service Could Allow Remote Code Execution (921883)," to correct the vulnerability however numerous systems remain unpatched due to a variety of reasons. Administrators should scan their networks to discover unpatched systems, install the patch as soon as possible, and ensure their intrusion detection systems are up to date.

Microsoft also issued Security Advisory (922437) Exploit Code Published Affecting the Server Service," which contains additional information including potential workaround solutions.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.