Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Ms06-025 & Excel Hlink Exploits Released To Public

  • Please log in to reply
No replies to this topic

#1 harrywaldron


    Security Reporter

  • Members
  • 509 posts
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:09:19 PM

Posted 23 June 2006 - 06:17 AM

Two remote code execution exploits that take advantage of vulnerabilities affecting Windows have been publicly released.

The first code targets a critical Windows Remote Access Connection Manager vulnerability (MS06-025) addressed last week. Microsoft Windows 2000 systems are primarily at risk from this exploit.

The second code exploits the recently disclosed Windows / Excel memory corruption (0day) and opens a command shell on port 4444 when a specially crafted link is clicked. Comments

FrSIRT Current Threat Level has been raised to ELEVATED (Level 2/4) ... We should expect to see active exploitation of these vulnerabilities in the wild within a few hours.

Published : 2006.06.22 - 11:12:55 UTC

FrSIRT noted developments for MS06-025 and revised their status from "Green" to "Yellow" overnight. The MS06-025 exploit impacts W/2000 users but not XP SP2 users. Hopefully, there won't be in-the-wild attacks as they are anticipating with the exploit code publicly released

Everyone should be on the latest security patches and avoid continue to avoid untrusted Excel documents until Microsoft patches these vulnerabilities.

Microsoft Windows Exploits Out - FrSIRT CTL™ Raised to Level 2

Microsoft Windows Routing and Remote Access Code Execution Issues (MS06-025)

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users