Exploit code for three vulnerabilities identified in Microsoft’s July Patch Tuesday has been detected – the code relates to the following patches: MS06-034, MS06-035, and MS06-036.
Nick Squire, director at PatchLink comments:
“Hackers seem to have targeted two of the most critical patches to exploit – as MS06-035 and MS06-036 impact every Windows-based machine (both servers and desktops), putting the majority of internet users at risk. Any internet user with a windows-based machine needs to deploy the patches as quickly as possible, as a hacker now has the potential to take over a system and gain access to sensitive data.
“It seems that Patch Tuesday has accelerated a race within the hacking community to exploit the latest patches. The fact that 13 patches were issued in July, makes the burden of applying all of the patches before exploit code is released a more difficult one for businesses and consumers alike.
“Unfortunately, deploying a patch isn’t as simple as sticking on a plaster. Each patch must be tested against the environment that it is to be applied – each user / organisation will have a variety of different software and one ‘element’ can simply render the patch dangerous. Cross-referencing the computer infrastructure against each vulnerability is the only way to avoid downtime.”