Despite dire predictions by some security researchers that a recently patched critical Windows flaw could lead to widespread destructive attacks, Microsoft experts insisted today that such an outcome appears unlikely. Several variants of bots, scanning for hosts left open to a dangerous Widows server service vulnerability patched by the Aug. 8 MS06-040 security bulletin, have been identified. They spread by connecting to internet relay chat (IRC) servers.
But Microsoft experts do not believe a destructive worm-like attack is imminent across all Windows platforms, crediting quick patching by many users with keeping the threat at bay.
“We have been seeing activity related to Graweg (the bot) taper off,” Adrian Stone, a Microsoft Security Response Center program manager, said today on a company blog. “From our analysis and our work with our partners…we still believe that this has been a relatively contained issue that has only affected Windows 2000. However, we are in no way underplaying the severity of the vulnerability addressed in MS06-040. We continue to urge customers to deploy and test the update with a heightened sense of urgency.”Read Full Story