The code for vulnerabilities in MSDTC is made public

Dec 2, 2005 11:24 GMT  ·  By

In the Microsoft MS05-051 bulletin that was released on October 11, 2005, they addressed a MSDTC (Microsoft Distributed Transaction Coordinator) flaw and gave it a 'critical' rating. "An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," the article stated. It also added that "a remote code execution and local elevation of privilege vulnerability exists in the Microsoft Distributed Transaction Coordinator that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system."

It has been the second time this week that hackers have posted sample of code that anyone could have used to attack a Windows PC. The people who have already applied the patches offered in MS's MS05-051 bulletin need not worry since their systems are protected, but some users have claimed that they have had trouble applying the patch.

This latest released code is coordinated for a DOS (Denial of Service) attack on almost all supported version of Windows so users beware. This week is the first time that the code has been publicly shared, but the code itself has been in circulation since mid October.

Microsoft is urging everyone to patch their systems before their machines become infected.