Microsoft has rushed out an emergency patch for a flaw that could be used in a worm attack.
The update came several weeks ahead of the company's standard ‘patch Tuesday’, after Microsoft claimed that the flaw was being exploited in limited targeted attacks. This is the first emergency patch to be issued since April 2007. Microsoft claimed that although firewalls would typically prevent this latest attack from spreading across the Internet, it could wreak havoc within corporate local area networks.
The company claimed that the flaw was in the Windows Server service, which is used to connect different network resources such as file and print servers over a network. By sending malicious messages to a Windows machine that uses the Windows Server service, an attacker could take control of the computer.
The company said: “It is possible that this vulnerability could be used in the crafting of a wormable exploit. If successfully exploited, an attacker could then install programs or view, change, or delete data; or create new accounts with full user rights.”
Microsoft spokesman Christopher Budd said that his team had become aware of the attacks about two weeks ago, when it found a small number of ‘targeted’ attacks against XP systems. Because the flaw was wormable, and since the patch could be worked up quickly, Microsoft decided to rush out its update ahead of the company's 11 November security release.
Symantec said in a statement: “Given the nature of this vulnerability, the number of vulnerable systems, and the fact that it is already being exploited in the wild, the chances of a worm and/or bots leveraging this issue are extremely high.”