Windows vulnerable to DoS attack

A recently discovered defect in Windows has made the software susceptible to a remotely accessed denial of service attack.

The defect in the Remote Desktop Protocol could affect Windows XP SP2 users, as well as those using Windows 2000, Windows XP SP1, Windows XP Professional x64, Windows Server 2003, Windows Server 2003 SP1, and Windows Server x64.

Microsoft issued a security advisory on Saturday downplaying the risk. "Our initial investigation has revealed that a denial of service vulnerability exists that could allow an attacker to send a specially crafted Remote Desktop Protocol (RDP) request to an affected system", the company said, which would cause affected computers to crash over and over again.

The vulnerability has not yet been exploited, Microsoft claims. But security experts at the SANS Institute reported an increase in scanning for port 3389, the one used by RDP. This may imply that hackers are looking for defenceless systems.

A patch will eventually be issued, but for now Microsoft advises users to block the port used by RDP (TCP 3389), or disable Terminal Services or Remote Desktop.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.