Hackers release exploit code: industry poised for attack

NEWS A hacker group has released code designed to exploit a widespread Windows flaw, paving the way for a major worm attack which researchers warn could strike any time soon. The warning came Friday, after hackers from the Chinese X Focus security group forwarded source code to several public security lists. The code is for a program designed to allow an intruder to enter Windows computers. The X Focus program takes advantage of a hole in the Microsoft operating system that lets attackers break in remotely. The flaw has been characterized by some security experts as the most widespread ever found in Windows. Marc Maiffret, chief hacking officer for network protection firm eEye Digital Security, said: "An exploit like this is very easy to turn into a worm. I wouldn't be surprised if we see a worm sooner rather than later." While many security researchers believe the publication of such information can encourage security personnel in businesses to patch holes faster, the release of exploit code has typically preceded the largest worm attacks of the past few years. Maiffret and other security researchers worried that next week's Defcon hacker conference in Las Vegas will act as a catalyst and spur a malicious hacker to create and release such a worm. Maiffret, who doesn't support the release of exploit code, points to the X Focus notice as proof that exploits can be created without explicit details in the advisory. Few details were available to hackers and security researchers about the Windows flaw it was based on, but the exploit program was created quickly nevertheless. Jeff Jones, senior director for Microsoft's Trustworthy Computing initiative, took the creators of the code to task, saying that the release of a program to exploit a specific vulnerability doesn't help make companies more secure. He said: "We believe publication of exploit code in cases like this is not good for customers." "While the release of exploits are protected in the US under the First Amendment, intentional use of that code to cause damage is criminal," he added. Robert Lemos writes for News.com