Microsoft has released a new patch to plug a hole in some versions of its Windows software that could leave users vulnerable to hackers.
Security experts have described the weakness as similar to those exploited by the devastating "Blaster" and "Sasser" attacks.
The patch, included in the company's monthly security bulletin, fixes a hole that could allow hackers to take complete control of computer systems, Microsoft said. The problem is most serious on Windows 2000 systems, which could be accessed remotely through the operating system's "Plug and Play" hardware detection feature. Windows Server 2003 and Windows XP systems with major security updates are less vulnerable, but still could be affected by certain remote users or those within local systems, the company said. Marc Maiffret, chief hacking officer for eEye Digital Security, said yesterday that the hole resembled weaknesses that allowed the Blaster and Sasser worms to infect hundreds of thousands of computers worldwide.
In its security briefing yesterday, Microsoft said it had no indication the vulnerability had been publicly disclosed or exploited before the patch was issued. The company rated the patch "critical", its most serious designation, for Windows 2000. Security experts said the flaw's less-serious effect on Windows XP systems suggests the company may have tried to address the problem, but left users with older software mostly unprotected.
Stephen Toulouse, a program manager for Microsoft's Security Response Centre, said the particular weakness disclosed yesterday differed from the Sasser worm because it was less vulnerable on newer operating systems.
Security practices had also improved since the last major worm attacks were unleashed, he explained. "I think it's a pretty different environment right now," he said. "More and more customers are applying updates more quickly, more customers have better firewall protection."