Microsoft is investigating new public reports of a zero-day Windows vulnerability that’s being exploited in the wild.
According to a this SecurityFocus alert, the attacks are exploiting a remote code-execution vulnerability due to an unspecified error in NSlookup.exe, the command-line administrative tool used for testing and troubleshooting DNS servers.
- Successfully exploiting this issue would allow the attacker to execute arbitrary code on an affected computer. Failed attacks will cause denial-of-service conditions. Microsoft Windows XP Professional SP2 is vulnerable; other versions and products may also be affected.
According to the alert, the issue is reportedly “being actively exploited” in the wild but details on the attacks are scarce.
A video of a proof-of-concept exploit in action was released by Argentinian researcher Ivan Sanchez.
On its monthly Patch Tuesday Webcast (see transcript), Microsoft’s security response team said it was aware of the flaw report and had started an investigation. The company has not yet issued a security advisory with workarounds or mitigations.
No comments:
Post a Comment