Content

Gartner warns of ‘very high risk’ to Windows users

Share

Security analysts at Gartner believe a flaw in Windows may be used to create a worm similar to last year's devastating "Blaster".

Last week Microsoft confirmed a flaw exists in its implementation of Abstract Syntax Notation (ASN) which could be exploited by an attacker to remotely run malicious code and take control of the target. ASN is used to describe communications protocols, and used indirectly by a multitude of services on Windows platforms.

All versions of Windows are affected, and Microsoft has released a patch, some six months after being notified of the flaw by researchers eEye Digital.

A report from Gartner, written by analysts including senior security analyst John Pescatore, warns the ASN vulnerability "presents attackers with the opportunity to unleash another MSBlast-class worm outbreak...mass attacks will almost inevitably attempt to exploit this vulnerability within the next few weeks."

Last August Blaster spread across the world in a matter of hours, bringing networks to a crawl as it scanned for new targets, and launched a denial of service attack against windowsupdate.com.

The patch is available from Microsoft here: https://www.microsoft.com/technet/security/bulletin/MS04-007.asp

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.