Vulnerabilities recently found in the Windows operating system could lead to the emergence of worms with the potential to inflict as much damage as the previous Zotob, Sasser, and Blaster viruses, security authorities warned.
The most serious of the flaws could allow remote access to the Microsoft Distributed Transaction Coordinator (MSDTC), a component of the operating system used to coordinate transactions between databases, messaging systems, and file systems across networked machines.
When exploited, this flaw gives attackers the ability to run remote commands with full system privileges.
Exploit Coming Soon
Given that larger organizations often have the most difficulty quickly patching vulnerable systems, a worm based on this vulnerability could wreak havoc on large enterprises.
Exploit code for this vulnerability already has been written by a security firm, so it probably won't take long for worm to be created, said Alfred Huger, senior director of engineering at Symantec Security Response.
"This exploit matches well with a worm, and the impact will depend on the number of people who install the necessary patches," he said.
Other critical discoveries include remotely exploitable flaws in Windows Media Player, Windows ActiveX, and the Plug and Play service of the Windows operating system. These critical security flaws affect Windows NT, 2000, XP, and Windows Server 2003 machines.
If left unpatched, the vulnerabilities could enable an attacker to install programs, change or delete data, or create new accounts with full system privileges.
With millions of installations around the world, Windows 2000 represents a significant percentage of all Windows servers running today.
"Microsoft has patches available for businesses and consumers, but the problem for enterprises is that they have to be careful in applying the patches, which can damage complex computer systems," Huger said.
Yankee Group senior analyst Andrew Jaquith noted that hackers now can launch scripted attacks that exploit software vulnerabilities in a matter of hours.
"Microsoft is doing the best that it can to address the problems, but they are on a running on a treadmill," he said. "They can issue the patches, but it's up to their customers to remain vigilant and to upgrade their operating systems to more secure products as soon as they able to do so."