It’s amazing to constantly read articles that are based on the topic of hackers breaking into systems using old exploits.  Now in some instances (especially from a business-network perspective), you have to balance the pros with the cons of applying security patches (i.e. the patch may cause certain functions to stop working), but it is not just business networks and systems that this happens with.  There really is no excuse why users with just personal computers should not update their systems, especially since Windows can pretty much do it all automatically for you.

In the last two weeks, hackers have exploited an 18-month-old vulnerability in Microsoft Windows in three high-profile attack campaigns to infect PCs with advanced rootkits and launch infections from thousands of compromised Web sites.

Since Dec. 28, the same exploit has been used by attackers who jumped on the news of former Pakistani Prime Minister Benazir Bhutto’s assassination, by attackers who earlier had hacked thousands of sites using a robotic SQL injection attack, and by the creators of a sophisticated master boot record rootkit invisible to Windows.

The exploit is for a bug within an MDAC (Microsoft Data Access Components) bug patched in April 2006 by Microsoft’s MS06-014 security update. When Microsoft fixed the flaw, it issued updates for every version of Windows then supported, from Windows 2000 through Windows XP to Windows Server 2003.

Within days of the April 2006 release of a fix, hackers had come up with a working exploit. And it’s been in continual use since then, said Roger Thompson, chief research officer of Grisoft SRO. “It’s popular because it really works,” Thompson said as he explained why he thought the exploit remained popular. “It doesn’t require a special version of Windows, it works with them all except Vista, and it doesn’t require anything else, like a specific version of Internet Explorer.

“And it’s also easy to tweak,” he said.[more]

Tags: Hackers