July 2, 2010

Microsoft Windows XP Under Attack By Hackers

Microsoft's Windows XP help and support system is under fire by high-tech hackers who found an un-patched bug in the program.

Microsoft said as many as 10,000 machines have been hit by the attack.

Windows XP users that fall victim to the attack will have their machines taken over by the hackers. The attacks have gone from theoretical to real very quickly, noted Microsoft. The company urged users to take the necessary steps to protect themselves.

Microsoft revealed the surge in attacks in a blog saying that it had been monitoring the activity around the loophole since it was first announced on June 10.

The loophole, which was discovered by Google engineer Travis Ormandy, revolves around the help and support system built into the XP system. Ormandy found that it was possible to take advantage of its ability to give remote aid and apply fixes to affected PCs.

Microsoft said the attacks appeared to be harmless at first, but became real and dangerous by June 15. A security official for Microsoft told BBC News that a variety of trojans, spam tools and viruses were being downloaded to compromised machines.

"It's certainly very serious and is now being actively exploited by what appears to be several different groups as you can see form the multiple payloads being delivered," said Rik Ferguson, senior security researcher at Trend Micro.

Carole Thierault, senior security consultant at Sophos, told the news agency that attacks like this were a "nightmare" to defend against if people did not update their systems or use anti-virus on a regular basis.

To protect computers from attack, Microsoft advised users to turn off the part of the help and support system that is vulnerable. It has produced an automated tool that can do this for users.

Ferguson said there were also other steps that users could take to keep safe.

"It is important to ensure that your security software is capable of identifying and blocking malicious websites," he said, adding that "criminals behind this will be constantly updating their malicious files to try and avoid traditional security."

Microsoft said it was working to find a permanent fix to the loophole.


On the Net: