Windows Flaw Could Allow DOS Attacks

Microsoft is admitting a security flaw in its operating system could allow an attacker to remotely crash computers.

Windows 2000, Windows XP and Windows Server 2003 are vulnerable to a denial-of-service attack that exploits a vulnerability in Remote Desktop Services, according to an advisory the software giant issued on Saturday.

“Our investigation has determined that this is limited to a denial of service, and therefore an attacker could not use this vulnerability to take complete control of a system,” said Microsoft’s advisory. “Services that utilize the Remote Desktop Protocol are not enabled by default, however if a service were enabled, an attacker could cause this system to restart.”

Looking for a Way In

By default, services that utilize the Remote Desktop Protocol (RDP) are not enabled, except in Windows XP Media Center Edition. Microsoft said it is not aware of any attacks that try to exploit the vulnerability, but added that the company is working on a patch.

Security experts at the SANS Institute detected several FormMail attempts over the weekend. The IP addresses came from a wide range of networks that could be part of botnet attempts. This could signal hackers looking for a way in to a victim’s network port, according to analysts.

Mitigating Risks

Michael Sutton, director of iDefense Labs, told TechNewsWorld that any time there is the possibility of a remote attack on a widely deployed system, it is reason for concern. While it is not a critical flaw, he said it is serious because so many machines could be affected by this vulnerability.

“Microsoft does not believe that this flaw can be taken beyond denial of service,” Sutton said. “It could be used to remotely knock somebody’s computer offline, but it couldn’t be used to remotely take control of that computer, which is certainly an important factor. Another risk mitigator is the fact that there is no known public exploit of the vulnerability.”

Consumers Take Note

There’s a lot of hype when it comes to operating system wars. Microsoft and Linux supporters have each taken a hard stance on security — each claims superiority. So when situations like these arise, does the debate remain among technically-savvy consumers? Or does the mainstream population pay attention? Sutton, for one, thinks consumers are taking note.

“These issues are becoming a brighter blip on the consumer radar screen,” he said. “My litmus test is news coverage. Any time there’s a big virus or worm outbreak, that shows up on MSNBC. Five years ago I don’t think the average consumer cared. I do think consumers are paying attention.”

Still, he hardly expects a mass exodus from Windows based on this or any other recent vulnerability. Microsoft has the lion’s share of the consumer market and this won’t change that. But analysts said Microsoft should be concerned about diminishing consumer trust.

“When people hear about news like this they become less comfortable doing transactions on the Internet,” Sutton said. “That indirectly certainly impacts companies like Microsoft whose business strategy is based on getting not just businesses but consumers to do more and more online.”

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

LinuxInsider Channels