MAPP Proof-Of-Concept Exploit Code Leak Confirmed By Microsoft, Patch Released

Microsoft had to face a very embarrassing situation when it was discovered that a proof-of-concept code which can be a very serious security threat for Windows, was actually leaked from the Microsoft Active Protection Program (MAPP). This malicious code lets the developers discern the possible exploits in Microsoft’s implementation of RDP protocol and then use these exploits for nefarious purposes.


One of the many possible exploits that could be launched using this proof-of-concept code is to launch DoS attacks against unpatched Windows systems. According to one of the director of Microsoft’s Trustworthy Computing Group, “We continue to watch the threat landscape and we are not aware of public proof-of-concept code that results in remote code execution.”

What is appreciable is that Microsoft was quick to furnish a patch to look to this security loophole. The MS12-020 patch updates the system to protect it against possible CVE-2012-0002 exploits.

So far, it hasn’t been found out exactly where the leak came from. The MAPP partners are bound not to divulge any Microsoft-related information under a ‘strict Non-Disclosure Agreement.’

So how was it found out that the actual leak came from Microsoft? It was basically an intelligent analysis of a string that was found in the proof-of-concept code. The string contains the term ‘MSRC11678’ which refers to Microsoft Security Response Center number assigned to this particular vulnerability. A number of analysts have criticized Microsoft for not timely handling the security problem even when it was well aware of it.

You can access the security patch from Microsoft to address the vulnerability over here.

[ttjad]

Salman

Salman Latif is a software engineer with a specific interest in social media, big data and real-world solutions using the two.Other than that, he is a bit of a gypsy. He also writes in his own blog. You can find him on Google+ and Twitter .

Leave a Reply