Exploits threaten patched Windows flaws

Two new exploits that seek to take control of PCs through already-patched Windows vulnerabilities have been found in the wild.

The French Security Incident Response Team (FrSIRT) sent out an advisory on Monday for an exploit taking advantage of a flaw in the Windows Dynamic Host Configuration Protocol, which was patched in the July 11 MS06-036 release.

The second exploit takes advantage of a Mailslot heap overflow flaw that was also patched earlier this month, according to an additional advisory released by FrSIRT.

Both of the exploits can take control of a PC after infection.

Microsoft is not aware of any attacks using the exploit code, but the Redmond, Wash., company is monitoring the situation, a company spokesman said today.

The company did confirm, however, that the exploit code does not affect systems fixed since this month's Patch Tuesday.

Microsoft advised PowerPoint users last week to avoid Office files from untrusted sources after reports of exploits for a recently discovered flaw in PowerPoint surfaced.

Earlier this month, Stephen Toulouse, security program manager for the Microsoft Security Response Center, said the company was "on a state of high alert" since targeted attacks on Office flaws were first reported in recent months.

The PowerPoint exploit, like an exploit for Excel used a month before, was first seen in the days following Patch Tuesday, when Microsoft released seven new patches for flaws in its products.
