Microsoft admits to Windows attack surge

happygeek

Windows is, according to just about any security expert you ask, the operating system most vulnerable to attack. Unless the security expert happens to be from Microsoft, that is. So it was quite refreshing to see Microsoft admitting to a spike in attacks on Windows this week.

According to a posting by Holly Stewart on the Microsoft Malware Protection Center Threat Research & Response Blog, Windows XP and Windows 2003 are officially under attack. Russia has seen ten times as many attack attempts as the global average, and the UK has witnessed a "surge" in the words of Microsoft.

Referring to the vulnerability that was patched by a Microsoft critical update and described in Security Bulletin MS10-042 which can allow remote code execution through the Windows Help and Support Center, Stewart states "As of midnight on July 12 (GMT), over 25,000 distinct computers in over 100 countries/regions have reported this attack attempt at least one time". The spike in attack attempts over this last weekend was really quite dramatic, and comes after Microsoft announced the timetable for releasing the fix.

Stewart says "these attack attempts have continued to expand and some new attack patterns have come into play" adding that the attacks witnessed in the wild "work only on Windows XP" and not Windows 2003. Of course, that hasn't stopped people from trying to exploit the vulnerability on versions of Windows that are not susceptible to it. Indeed, Microsoft says it has noticed that the most recent attacks have been indiscriminate when it comes to OS version rather than targeting XP as with the earlier attempts.

Despite some reports suggesting that Apple is more insecure than Microsoft in terms of vulnerabilities, the truth will always out, and it's nice to see Microsoft coming clean on this. What would also be nice, and we've said it here at DaniWeb on more than one occasion, would be if people simply stopped using Windows XP, which is becoming something of a zombie amongst operating systems.

Interestingly, this is the same vulnerability that was made public by a Google security researcher less than four days after he discovered it. "Public disclosure of the details of this vulnerability and how to exploit it, without giving us time to resolve the issue for our potentially affected customers" Mike Reavey, Director of the Microsoft Security Response Center says "makes broad attacks more likely and puts customers at risk". Reavey, and Microsoft, insist that the software vendor is in the best position to understand and repair such problems as it is the vendor who wrote the code in the first place. Which is why Microsoft is an advocate of what it calls responsible disclosure.

Microsoft asks that any security researcher who thinks they have found a vulnerability that is not resolved by the "10 Immutable Laws of Security" contact them at secure@microsoft.com with the following information:
Type of issue (buffer overflow, SQL injection, cross-site scripting, etc.)
Product and version that contains the bug
Service packs, security updates, or other updates for the product you have installed
Any special configuration required to reproduce the issue
Step-by-step instructions to reproduce the issue on a fresh install
Proof-of-concept or exploit code
Impact of the issue, including how an attacker could exploit the issue

khakilang -3 Posting Pro in Training

One of the reasons why I chose to use Linux.

soothslayer 0 Newbie Poster

I'd like to know their response time to resolving issues that are reported to secure@microsoft.com.

highclass 0 Newbie Poster

One of the reasons why I chose to use Linux.

MidiMagic 579 Nearly a Senior Poster

I can't upgrade because it would mean an expensive replacement of all of my equipment and much of my real-time software.

I hate this upgrade frenzy because it usually requires people using real-time software (and sometimes hardware) to replace everything each time the operating system changes. Microsoft should be required to pay for it.

Tcll 66 Posting Whiz in Training Featured Poster

I refuse to upgrade because of the RAT MS built in Vista (hackers can't confirm this one works), and up.
(one of my friends has a friend who disabled Win8's RAT using python)
^ I'm trying to get info on how he did it but my friend hasn't been able to contact him.

I've recently installed linux as I'm sick of NTFS killing my HDDs
(ever since installing Linux, my HDDs haven't overheated once) :)

and I also call the install-reboot process a design flaw that's gotten worse in 7.
(you don't always need to reboot every time it wants you to, even in XP)

if MS developers knew how to update the RAM with new registry settings, a restart could very much (about 70% of the time) be avoided.

XP78USER 30 Posting Whiz in Training

Soon 7 will become a zombie and when left behind with no patches then the thousand rotten dirty hackers will overtake the operating systems.

Tcll 66 Posting Whiz in Training Featured Poster

just thought I'd mention:

[12:56:46 AM] Diddy Kong: http://www.computerworld.com/article/2494493/mobile-wireless/hacker-finds-way-to-run-desktop-applications-on-windows-rt.html
[12:57:01 AM] Diddy Kong: ms gets their OS blasted by hackers again for locking shit to appstore fuckery
[12:57:27 AM] Diddy Kong: windows RT is the windows IOS edition sort of speak
[12:57:43 AM] Diddy Kong: where its like apple ipas and iphone devices and their restrictions and where software can come from
[12:57:56 AM] Diddy Kong: its an OS of windows designed for the ARM architecture
[12:59:22 AM] Diddy Kong: https://surfsec.wordpress.com/2013/01/06/circumventing-windows-rts-code-integrity-mechanism/

Soon 7 will become a zombie and when left behind with no patches then the thousand rotten dirty hackers will overtake the operating systems

thus completely compromising any OS running the new kernel.

it's bad enough Windows7 already infects itself, unlike XP.
