Exploits on the Loose Against Unpatched Bugs in Windows

WindowsITPro reports that researchers have posted "proof of concept" code that can take advantage of vulnerabilities in Windows platforms. The concept code works against vulnerabilities in the Windows help subsystem and in code used to load desktop icons and the Windows help subsystem. Even systems with Windows XP with Service Pack 2 are affected as Internet Explorer can be used as a vector in exploits. Systems could become compromised without any user interaction if a user simply visits a malicious Web page.

At least one exploit has already been released into the wild of the Internet. No patches are available yet for these newly reported problems. WindowsITPro says that "Administrators can help protect their networks by ensuring that their intrusion prevention systems are update to date".

Ahh... music to my ears. Writers are starting to get it. IPS is a great asset in the digital defences, reducing the risks in the "Exposure Window" until patches and antivirus signatures can be deployed.