The initial alarm was raised by Microsoft on 16 July, which was followed up by a statement from the DHS eight days later. The DHS warned Microsoft users to implement the patch, available from the company’s website, as soon as possible.
Late last week, the DHS took the unprecedented measure of issuing a second statement in reaction to the emergence of dangerous exploit code that targets the vulnerability. It claims to have picked up a huge increase in the number of hackers scanning the internet for vulnerable systems.
‘Two factors are causing heightened interest in this situation: the affected operating systems are in widespread use, and exploitation of the vulnerability could permit the execution of arbitrary code (technology used by hackers to take advantage of vulnerable systems),’ the DHS said in a statement.
‘DHS and Microsoft are concerned that a properly written exploit could rapidly spread on the internet as a worm or virus in a fashion similar to Code Red or Slammer.’
Essentially, the vulnerability allows malicious attackers to gain control of systems to steal files, emails and personal information. It can also be used to launch attacks across the internet.
Reports into the financial implications of the Code Red virus of 2001 concluded that it had cost businesses more than $2bn to clean up infected systems in the aftermath of the outbreak. But IT departments seem not to have learnt from the experience, which has forced the DHS to issue such a stark warning.
‘It is very important to patch this up as quickly as possible,’ said Graham Titterington, senior analyst at Ovum. ‘This flaw isn’t as immediately accessible as the problem that led to the Code Red situation since it deals more with internal than external communication. Nevertheless it can be used in that way and the fact that it’s so widespread is a major cause for concern.’
Some commentators believe IT departments have been so slow to update their systems with the Microsoft fix because the Redmond giant issues patches so frequently that they are sometimes overlooked. The Windows versions affected are NT 4.0, NT 4.0 Terminal Services Edition, 2000, XP and Server 2003.
– Additional reporting by David Rae