Security firms have issued warnings that two exploit codes have been released on the Internet targeting systems running the Windows operating system.
The first exploit takes advantage of a “critical” vulnerability in the DHCP protocol of Windows. Microsoft addressed this issue on July 11 in security bulletin MS06-036, but not all computers have applied the update.
According to a warning from Symantec, this exploit could allow hackers to gain full control over unpatched Windows systems.
The second exploit targets a security vulnerability in a Windows component known as “mailslot,” which was previously patched by Microsoft in bulletin MS06-035. While Symantec and the French Security Incident Response Team (FRSIRT) believe this code exploits an old vulnerability, Microsoft contends it targets a new one.
Additionally, Microsoft has stated that it has not yet recorded any attacks utilizing these two exploit codes.
Earlier this month, Microsoft released seven security bulletins that included patches for 18 vulnerabilities. At least two of these vulnerabilities had been exploited in previous attacks.
