[ISN] More worms likely: expert
isn at c4i.org
Mon Aug 22 04:15:12 EDT 2005
By Sam Varghese
August 19, 2005
More worms could be in the works to exploit unpatched vulnerabilities
in Microsoft's products, a US security professional says.
Marc Maiffret, chief hacking officer of eEye Digital Security, said
two critical flaws, among eight discovered by the company , could
be exploited by worms.
The details of all eight have been posted on the company's website.
Maiffret would not specify which of the eight were open to remote
"Two of them are remotely exploitable and they are also both on the
magnitude of the PNP vulnerability," Maiffret said, referring to the
flaw in Microsoft Windows which was exploited by the Zotob worm and
numerous other variants over the past week.
"But you never know with worms, (it) really just depends if there is
someone that cares to write one."
eEye follows a policy of releasing limited information about a
vulnerability publicly while sending full details to the vendor.
Although the company considers 60 days sufficient time to
fix any flaw, it discloses full details of a bug only after the vendor
has released a fix.
Full details of the eight vulnerabilities in Microsoft products have
been sent to the vendor, one as long as four months ago.
Two vulnerabilities in the Real Audio player and one in Macromedia's
products have also been listed.
eEye first shot to prominence in 2001 when it discovered a
vulnerability in Microsoft's IIS web server which was later exploited
by a worm named Code Red, causing major problems on the internet.
More information about the ISN