Leaked Code Still Could Bear Malicious Fruit
When news of the leak of a portion of Windows source code broke last month, many in the security community cautioned against overreacting, saying that the leak likely wouldn't lead to a slew of new vulnerability discoveries.When news of the leak of a portion of Windows source code broke last month, many in the security community cautioned against overreacting, saying that the leak likely wouldnt lead to a slew of new vulnerability discoveries. But that attitude has changed in recent weeks because researchers said that crackers have uncovered several previously unknown vulnerabilities in the code and appear determined to keep the flaws quiet for their private use. Many in the legitimate security world have shied away from downloading and examining the code, out of fear of legal problems with Microsoft and out of a desire to keep their research unspoiled by what could be corrupt or damaged code. However, malicious crackers have had no such reservations. Immediately following the codes posting on the Internet, members of the security underground began poring over the code, searching for undocumented features and flaws that might give them a new way to break into Windows machines. There were some early claims of success, including one man who said he found a new vulnerability in Microsoft Corp.s Internet Explorer. However, at the time, security experts said that because the leaked code was so old and was only a fragment of the entire Windows source, there would likely be few actual weaknesses found. But experts who monitor the underground security community said the crackers continued to share the code with one another and have apparently had some success probing for flaws.
"I know of vulnerabilities that have been discovered as a result of the code being exposed to the Internet. I suspect that additional new vulnerabilities will be discovered as time goes on, due to the breach of security," said Ken Dunham, malicious-code manager at iDefense Inc., a security intelligence company in Reston, Va.
Be sure to add our eWEEK.com Windows news feed to your RSS newsreader or My Yahoo page: