Hi-tech criminals are "escalating" attacks on an unpatched bug in the Windows XP help and support system.
Microsoft said it had seen more than 10,000 machines hit by the attack that, so far, it has not found a fix for.
Windows PCs falling victim will have control of that machine handed over to attackers.
Microsoft said the attacks had gone from theoretical to real very quickly and urged users to take steps to protect themselves.
'Nightmare' attackMicrosoft revealed the upturn in attacks in a blog post saying that it had been monitoring activity around the loophole since it was first revealed on 10 June.
Found by Google engineer Travis Ormandy, the loophole revolves around the Help and Support system built into XP. Mr Ormandy found that it was possible to exploit its ability to give remote aid and apply fixes to ailing machines.
Initially, said Microsoft, it only saw "innocuous" attacks by researchers attempting to replicate what Mr Ormandy had found.
Real exploits turned up on 15 June and these have been enthusiastically adopted by hi-tech criminals.
Writing on the Microsoft Security Centre blog, Holly Stewart said it had started seeing "seemingly-automated, randomly-generated" web pages that host the exploit.
A variety of trojans, spam tools and viruses are being downloaded to compromised machines, she said.
Rik Ferguson, senior security researcher at Trend Micro, said: "It's certainly very serious and is now being actively exploited by what appears to be several different groups as you can see form the multiple payloads being delivered."
Carole Thierault, senior security consultant at Sophos, said attacks like this were a "nightmare" to defend against if people did not regularly update or use anti-virus.
Statistics gathered by Microsoft suggest Portugal was taking the brunt of the attacks but users in Russia and Croatia were also being hit. More than 10,000 machines had been hit at least once by the attack, it found.
To avoid falling victim, Microsoft advised users to turn off the part of the Help and Support system that is vulnerable. It has produced an automated tool that can do this for users.
Mr Ferguson from Trend Micro said there were other steps users could take to stay safe.
"It is important to ensure that your security software is capable of identifying and blocking malicious websites," he said, "as you can be sure that the criminals behind this will be constantly updating their malicious files to try and avoid traditional security."
Microsoft said it was working on a lasting fix for the loophole.
Original article courtesy of BBC
35 comments:
My advice would be to get rid of XP. It'll soon be unsupported by Microsoft anyway. It's an archaic bit of software.
Aside from focusing in beautifying your website design (Orange County) you need to secure the website. To secure your website from hackers, it's better to ask help from professional systems administrators.
There are many reasons why a company outsources web developmen to a web design company.
Joomla Development Orange Country
The reputation of online schools is fast becoming just as important as traditional schools. Take the time to check whether the school has a good reputation with potential employers and former students.
online affiliate marketing
Great stuff you have here and nice post. Whatever is being written here is certainly a big help.
Web design plays a crucial role in deciding the online presence of any business. Choosing the right web design service provider who understands perfectly the intricacies that need to be embedded for achieving high functionality status is therefore absolutely mandatory.
Good Post... enterprise application
To have better idea about the same just click on the link given hereby Web Development Services
Really nice blog. I liked the content of your blog. I daily search articles and study for a web design company. I found your blog useful and interesting. Thanks for posting.
Great blog.
I like it very much.
Thanks for sharing
It is really a must to secure your computer systems. Website, on the other hand also needs to be properly secured aside from having a good (Toronto) website design. You may ask an expert on ways for you to secure your website and design. Certainly, your dependable web designer. (Toronto) would gladly answer such queries.
I liked the content of your blog.
great idea
I think XP is one of the most insecure OS these days. So Microsoft must search security options for that.
That's really cool post. I enjoyed reading it.
Hire joomla developer
Thanks for sharing your ideas and thoughts, i like your blog and bookmark this blog for further use thanks again…
web development company
Really you have done a good job. The written style is very prompt and the highly practical manners. So fruitful for us. Thanks for sharing…
Great post, I hope the voyage will be successful.I wanted to thank you for this great read!!
Yes, it is really nice to visit your post and listen your great points hear on "XP Hackers". Very informative blog. Thanks!
good work and thanks for sharing.
Interesting news. I thik you shared here great thouths on XP Hackers.
Yes, good information you guys have here. I always prefer to read good quality contents and I think I have found it on your post here. Thanks!
it was just informative news and thanks for sharing such a useful information.
- florida beach rentals
This is a great blog, usually i don't post comments on blogs but I would like to say that this post really forced me to do so!
Thanks for sharing informative blog, indeed I appreciate you.
Web Development Company
This is a really quality post.I find this information through Google. Great job.
That was really interesting post.Glad to be here.It was amazing to know about the XP hackers.
I wanted to thank you for this great read!! I definitely enjoying every little bit of it.I have you bookmarked to check out new stuff you post.I could tell how great you are in your field of interest. You could relate in each detail very well.Thank you.
Excellent information.. Some serious food for thought, which I believe will be very useful for me. There have been number of times I did wonder about it, but couldn’t really understand it.
This is amazing and wonderful site. These plants show slight movement when an external magnet is positioned close to them. Her experimental art practice was developed in an interdisciplinary capacity with the center. I love this site.
really amazing blog and I was thankful to you for sharing such a useful information.
- CRM for Iphone
It was just amazing information sharing and it's helpful for everyone.
- Cooking Classes
This article is amazing as it helps me to get the sort of information that i needed. I am thankful as i got your article when was searching business web design
Great posting. I appreciate your formulating an exceptionally decent article, It happened to see your website page as well as several written piece. Is exceedingly good type publishing.
Such a useful information sharing and its helpful for everyone.
- Tend Skin 4 oz
Post a Comment