Mr. Mike Reavey, Director of the Microsoft Security Incident Response Center (MSRC), wrote in his department's blog: 'We have identified the exploit code MS08-067 of Microsoft. , this executable code is available online.It is the code to execute remote control hijacking to machines running Windows Server 2003, Windows XP and Windows 2000 '.
Microsoft also publicly announced this recommendation on its website and treated it as the latest threat.
As soon as the patch was released, a Microsoft spokesperson declined to point out where Microsoft found the attack code. He only said that this latest recommendation was made after Microsoft was warned about a public code that was provided in a detailed, reliable way. He also confirmed that this recommendation was extracted from the public code on a website rather than from a proprietary security test application.
Just a day earlier, MSRC spokesman Christopher Budd said: 'We know that someone is developing a reliable code to exploit those errors.We know the discussion of the code is being made public on a website, but our analysts show that the code is often the result of a denial of service. ' He also concluded that: 'Until now, we have not seen any evidence that the code is public'.
Earlier, Microsoft announced it had discovered the vulnerability after several attacks were considered infected by an information stealing software called Trojan Gimmiv or Win32 / MS08067.gen! .
It is not clear whether this publicly-disclosed code is the actual code used in previous attacks. However, the MSRC Reavey department director repeated that Microsoft confirmed that attacks still exist on computers that have not been updated. But the attacks were limited and will be determined, even though the exploit code is publicly available. Users who have updated the latest patch MS08-067 last week will be safe from these attacks.
This security threat bulletin has been posted on the Microsoft website and the patch can be downloaded for free for licensed Windows operating system users.