In Windows 2000, Windows XP, and Windows Server 2003, Microsoft uses TCP Port 445 to run SMB directly over TCP/IP to handle the sharing of files, printers, and serial ports, and also for communication between computers. The vulnerability, which was rated “critical,” was patched in Microsoft’s June 14 MS05-027 bulletin, and the increased noise on that port could be the first sign that a password bruteforce attack is imminent. A spokesperson for Microsoft’s Security Response Center said the company was not aware of any active attempts to exploit the vulnerability. “Port scanning is an activity that may be indicative of an attempt to discover attack vectors against any vendor product and is not an activity unique to Microsoft products,”
TCP PORT ATTACK IMMINENT
An ominous increase in sniffing activity on TCP Port 445 could signal an impending attack targeting a recently patched Microsoft vulnerability. Researchers at Symantec Corp.’s DeepSight Network have detected a surge in scans on Port 445, an indication that malicious hackers may have already created exploits for a flaw in Microsoft Corp.’s implementation of the SMB (Server Message Block) protocol.
In Windows 2000, Windows XP, and Windows Server 2003, Microsoft uses TCP Port 445 to run SMB directly over TCP/IP to handle the sharing of files, printers, and serial ports, and also for communication between computers. The vulnerability, which was rated “critical,” was patched in Microsoft’s June 14 MS05-027 bulletin, and the increased noise on that port could be the first sign that a password bruteforce attack is imminent. A spokesperson for Microsoft’s Security Response Center said the company was not aware of any active attempts to exploit the vulnerability. “Port scanning is an activity that may be indicative of an attempt to discover attack vectors against any vendor product and is not an activity unique to Microsoft products,”
In Windows 2000, Windows XP, and Windows Server 2003, Microsoft uses TCP Port 445 to run SMB directly over TCP/IP to handle the sharing of files, printers, and serial ports, and also for communication between computers. The vulnerability, which was rated “critical,” was patched in Microsoft’s June 14 MS05-027 bulletin, and the increased noise on that port could be the first sign that a password bruteforce attack is imminent. A spokesperson for Microsoft’s Security Response Center said the company was not aware of any active attempts to exploit the vulnerability. “Port scanning is an activity that may be indicative of an attempt to discover attack vectors against any vendor product and is not an activity unique to Microsoft products,”
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment