Security firm Symantec issued a warning on May 25 regarding a new security vulnerability found in the file-sharing procedure of Windows 2000.
This security flaw arises within the SMB (Server Message Block) file-sharing procedure of Windows 2000. The security firm Immunity Security has successfully developed an exploit code that takes advantage of this vulnerability, which is expected to be disclosed next month.
Research expert Dave Aitel from Immunity asserts that the exploit code developed by the company will exploit the security flaw located in the operating system’s kernel via the SMB protocol to gain full access to the infected system.
“Immunity is regarded as a very reliable source of information, and we believe this to be credible information,” Symantec warned. “Microsoft will certainly not release an official patch until detailed information about this security vulnerability is published.”
Therefore, Symantec currently advises users to apply the SMB service on a limited number of servers. Alternatively, if possible, users should consider upgrading to a newer version of Windows.
The last patch addressing the security vulnerability in the SMB procedure of Windows 2000 was released in June of last year.
Although Microsoft announced the end of support for Windows 2000 as of June 2005, developers continue to release patches for this operating system.
Hoang Dung
