Wednesday, June 14, 2006

Black Tuesday - Let the PoCs Begin...

As many of you know, Microsoft released 12 patches yesterday. They say this is the biggest release of the year so far.

Hopefully this is a sign that Microsoft is stepping up its vulnerability discovery in house.

I believe that Microsoft has finally stated to see that there are people in the world who hold large caches of zero-days...sometimes sitting on them for a very long time.

Two exploit from 2005 were posted to Milw0rm.com recently.

June 2005 MS06-30 PoC - http://www.milw0rm.com/exploits/1911
Nov 2005 MS06-30 P0C - http://www.milw0rm.com/exploits/1910

Microsoft has recently the patches and now the responsible falls to the admins and users.

Several critical exploits will most likely be constructed out of the June Microsoft patches, so if you don't have a patch plan yet, make one.

Home users should ensure that automatic update is turned on. Take the time and download your patches. I hate to see my friends running computers without SP2, because I know they are most likely infected with all types of really evil stuff.

The more geek natured people will browse over and install them manually, of course.

Keep your eyes open people; this could be a very interesting next couple of weeks.

No comments:

Post a Comment