Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Microsoft has revealed that more than 10,000 PCs have been hit by attacks exploiting a publicised flaw in the Windows Help and Support Center.
A post yesterday on the Microsoft Malware Protection Center’s Threat Research and Response blog highlighted that the number and frequency of attacks has changed significantly since the advisory was first released on 10 June.
“At first, we only saw legitimate researchers testing innocuous proof-of-concepts. Then, early on June 15th, the first real public exploits emerged,” wrote Holly Stewart, a senior program manager with MMPC.
“Those initial exploits were targeted and fairly limited. In the past week, however, attacks have picked up and are no longer limited to specific geographies or targets, and we would like to ensure that customers are aware of this broader distribution.”
Users in Portugal and Russia seem to have been hit the most frequently, with most falling victim to “seeing seemingly-automated, randomly-generated html and php pages” hosting the exploit, she added.
The attack was first disclosed by Google security engineer Tavis Ormandy, but security experts were quick to denounce his actions in disclosing before Microsoft had time to develop a fix.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.