Microsoft Hacking Code leaked from security info-sharing program

Microsoft on Friday confirmed that sample attack code created by the company had likely leaked to hackers from a program it runs with antivirus vendors. Code that was submitted to Microsoft last year to demonstrate a serious exploit in Windows has somehow made it into the wild, either through Redmond itself or one of its security partners. The exploit targets a vulnerability in Windows' remote desktop protocol, giving an attacker full control over a system and the ability to easily spread to other machines with remote desktop enabled.

Security researchers raised alarms when a working exploit for the flaw was spotted in China shortly after the release, leading many to believe that malware writers were able to breach the Microsoft Active Protections Program security platform.

"The details of the proof-of-concept code appear to match the vulnerability information shared with Microsoft Active Protections Program partners," said Yunsun Wee, Microsoft's director of its Trustworthy Computing effort.

The patches for the new hole were distributed on Tuesday, as part of Microsoft's regular monthly cycle for security fixes. The hole is a very serious one, because full exploitation would allow an attacker to control machines running Windows XP and later Windows versions that have Remote Desktop Protocol enabled, as long as the network doesn't demand authentication.

Microsoft launched MAPP in 2008. The program has 79 security firm partners, including AVG, Cisco, Kaspersky, McAfee, Trend Micro, and Symantec, as well as several Chinese antivirus companies. A full list of MAPP members can be found on this Microsoft Web page.
