New Exploit for Unpatched Windows Flaw

It appears we will be ringing in the new year with a new and improved exploit that online miscreants can use to attack an unpatched Microsoft Windows flaw and install spyware, viruses and other dangerous digital intruders.

This is a big deal because so far -- without a patch from Redmond to remedy this problem -- the major antivirus vendors have been the first lines of defense against this attack, and they have relied mainly on adding new signatures to their software to detect the latest threats each time a new one appears. But by changing the profile of the attack slightly with each iteration, the new exploit's random attack code has a far greater chance of slipping past software shields.

SANS said the random garbage added onto any attack code generated with the new exploit could make it very hard for anti-virus companies to develop signatures to detect the new threats. Security Fix - Brian Krebs on Computer and Internet Security - (

Linked by shanmuga Saturday, 31st December 2005 9:43PM