Security 10745 Published by

Steve Bink send words that code to develop a worm for the "Buffer Overrun In RPC Interface Could Allow Code Execution" exploit has been already posted on hackersforums



The impact of this exploit if a worm is devloped makes CodeRED and SQL Slammer look like childplay, cause the security issue is on every NT based Windows.

Windows NT4, Windows 2000, Windows XP and Windows2003.

Code to develop a worm for this exploit are already posted on hackersforums, so a worm breakout may not be far away. Many users and system administrators dont realise the potential disaster that this worm might cause.

CodeRED and Slammer did not do much damage on the local system, it was concentrating on spreading itself via network.

This time a malicous hacker could decide to wipe the system after it has infected 10 machines. With this exploit it can gain acces with system provileges, which is the highest priviledge on a Windows system.

The "If it ain't broke, don't fix it" days are over in a connected world, OK the system might be running fine, but it is broke, a door is wide open.....
Download patch