My top story, above, concerns the dangerous new security hole that allows an attacker to gain control of remote systems by sending them packets on common communications ports. In this section, I provide additional information.
One of the best analyses of the threat comes from reader Kent England, who holds a Microsoft MVP (Most Valuable Professional) certificate. He minces no words about the importance of installing Microsoft’s latest patch:
- “This patch fixes a serious vulnerability in NetBIOS on port 135. A buffer overflow allows an attacker to send a specially formed packet to a Windows workstation on port 135 and execute code of his choice.
“As you recall, port 135 is how [Microsoft] Messenger pop-up advertisements get into computers that are attached to the Internet with their NetBIOS enabled on their Internet connection.
“Given all the people who complain on the Microsoft public newsgroups about Messenger pop-ups and the fact that so many do not use Windows Update, we have a serious crisis on our hands. It won’t be long before someone writes a new and very nasty Messenger pop-up that installs a Trojan or spyware on systems all across the Internet. Spyware already outranks viruses in complain levels on these newsgroups. A malicious Trojan that sneaks in via UDP port 135 will wreak havok on the Internet.