New coded exploits that take advantage of a widespread Microsoft Windows vulnerability have been posted online. By most reports, malicious scans to expose vulnerable systems are running rampant a week after government warnings regarding the flaw, TechNewsWorld.com reports.
Ever since Microsoft disclosed the RPC vulnerability on July 16th, security experts and government officials have warned of a looming attack or worm that could take advantage of it. The vulnerability involves a flaw in the Remote Procedure Call (RPC) protocol that could allow malicious users to execute code remotely, and the critical software hole affects all of Microsoft`s recent operating systems, including Windows NT 4.0, Windows 2000, Windows XP and Windows Server 2003.
Forrester research director Michael Rasmussen said the high activity surrounding the Windows vulnerability indicates a worm is soon to come.
"I definitely think that we`re very close to seeing a worm," he told TechNewsWorld. "I hate to raise a red flag and then have nothing happen, but the truth is, there`s a legitimate likelihood we`ll see an attempt through that exploit."
Rasmussen said a worm based on the RPC vulnerability could be released simply to spread itself or might be used in a targeted attack to destroy or steal information using a malicious payload.