Hi-tech criminals are "escalating" attacks on an unpatched bug in the Windows XP help and support system.
Microsoft said it had seen more than 10,000 machines hit by the attack that, so far, it has not found a fix for.
Windows PCs falling victim will have control of that machine handed over to attackers.
Microsoft said the attacks had gone from theoretical to real very quickly and urged users to take steps to protect themselves.
'Nightmare' attackMicrosoft revealed the upturn in attacks in a blog post saying that it had been monitoring activity around the loophole since it was first revealed on 10 June.
Found by Google engineer Travis Ormandy, the loophole revolves around the Help and Support system built into XP. Mr Ormandy found that it was possible to exploit its ability to give remote aid and apply fixes to ailing machines.
Initially, said Microsoft, it only saw "innocuous" attacks by researchers attempting to replicate what Mr Ormandy had found.
Real exploits turned up on 15 June and these have been enthusiastically adopted by hi-tech criminals.
Writing on the Microsoft Security Centre blog, Holly Stewart said it had started seeing "seemingly-automated, randomly-generated" web pages that host the exploit.
A variety of trojans, spam tools and viruses are being downloaded to compromised machines, she said.
Rik Ferguson, senior security researcher at Trend Micro, said: "It's certainly very serious and is now being actively exploited by what appears to be several different groups as you can see form the multiple payloads being delivered."
Carole Thierault, senior security consultant at Sophos, said attacks like this were a "nightmare" to defend against if people did not regularly update or use anti-virus.
Statistics gathered by Microsoft suggest Portugal was taking the brunt of the attacks but users in Russia and Croatia were also being hit. More than 10,000 machines had been hit at least once by the attack, it found.
To avoid falling victim, Microsoft advised users to turn off the part of the Help and Support system that is vulnerable. It has produced an automated tool that can do this for users.
Mr Ferguson from Trend Micro said there were other steps users could take to stay safe.
"It is important to ensure that your security software is capable of identifying and blocking malicious websites," he said, "as you can be sure that the criminals behind this will be constantly updating their malicious files to try and avoid traditional security."
Microsoft said it was working on a lasting fix for the loophole.
Original article courtesy of BBC
42 comments:
My advice would be to get rid of XP. It'll soon be unsupported by Microsoft anyway. It's an archaic bit of software.
Aside from focusing in beautifying your website design (Orange County) you need to secure the website. To secure your website from hackers, it's better to ask help from professional systems administrators.
There are many reasons why a company outsources web developmen to a web design company.
Joomla Development Orange Country
The reputation of online schools is fast becoming just as important as traditional schools. Take the time to check whether the school has a good reputation with potential employers and former students.
online affiliate marketing
Great stuff you have here and nice post. Whatever is being written here is certainly a big help.
Good Post... enterprise application
To have better idea about the same just click on the link given hereby Web Development Services
Great blog.
I like it very much.
Thanks for sharing
It is really a must to secure your computer systems. Website, on the other hand also needs to be properly secured aside from having a good (Toronto) website design. You may ask an expert on ways for you to secure your website and design. Certainly, your dependable web designer. (Toronto) would gladly answer such queries.
I liked the content of your blog.
great idea
I think XP is one of the most insecure OS these days. So Microsoft must search security options for that.
That's really cool post. I enjoyed reading it.
Hire joomla developer
Really you have done a good job. The written style is very prompt and the highly practical manners. So fruitful for us. Thanks for sharing…
Great post, I hope the voyage will be successful.I wanted to thank you for this great read!!
Yes, it is really nice to visit your post and listen your great points hear on "XP Hackers". Very informative blog. Thanks!
good work and thanks for sharing.
Interesting news. I thik you shared here great thouths on XP Hackers.
Yes, good information you guys have here. I always prefer to read good quality contents and I think I have found it on your post here. Thanks!
This is a great blog, usually i don't post comments on blogs but I would like to say that this post really forced me to do so!
Thanks for sharing informative blog, indeed I appreciate you.
Web Development Company
This is a really quality post.I find this information through Google. Great job.
That was really interesting post.Glad to be here.It was amazing to know about the XP hackers.
I wanted to thank you for this great read!! I definitely enjoying every little bit of it.I have you bookmarked to check out new stuff you post.I could tell how great you are in your field of interest. You could relate in each detail very well.Thank you.
Excellent information.. Some serious food for thought, which I believe will be very useful for me. There have been number of times I did wonder about it, but couldn’t really understand it.
This is amazing and wonderful site. These plants show slight movement when an external magnet is positioned close to them. Her experimental art practice was developed in an interdisciplinary capacity with the center. I love this site.
really amazing blog and I was thankful to you for sharing such a useful information.
- CRM for Iphone
This article is amazing as it helps me to get the sort of information that i needed. I am thankful as i got your article when was searching business web design
Great posting. I appreciate your formulating an exceptionally decent article, It happened to see your website page as well as several written piece. Is exceedingly good type publishing.
Such a useful information sharing and its helpful for everyone.
- Tend Skin 4 oz
Hi this is such a nice blog and hope u will provide some more new post over web designing really i got lot of info from here
Thanks
very important information you share with us.
Thanks
website designing connecticut
Thanks for sharing techniques on how to avoid hackers. This will be a big help to us.
web development company
Zinavo Technologies is leading web designing, web developing and internet marketing company, based in Bangalore, India. We provide all the services regarding web designing, web developing and internet marketing etc. Web design company Bangalore
I do think the previous commentators are in all probability suitable, That's tremendous, always keep them right up i'm checking intended for all your subsequent blogging site! Mali gold
I am so grateful to read this such a wonderful post. Thank you for discussing this great topic.
Website Design Company
Way cool! Some very valid points! I appreciate you penning this post plus the rest of the site is also very good.
Flash developer London
Web Design Bournemouth :Vizz Media-Best web design practices and up-to-date web technologies to create great user experiences. Contact us for SEO Services Web Design & Data Base Driven Websites.
great blog thank you for sharing with you
Website Designing Company
Great post and such a useful information sharing and its helpful for everyone...
Web Development Company India
Thanks for the very informative blog and I extremely grateful that you perform this piece of writing very simply, I mean to say that it's quite simple to read and understand.
Web Design Company Bangalore | Web Development Company Bangalore
Very Informative blog...i can read lot of information from this blog...
Web Design Company Bangalore
Website development Company Bangalore
Post a Comment