20 February 2008


A well meaning hacker who informed Microsoft about a vulnerability that lies in a conversion tool used to convert Microsoft works WPS files into Word RTF files. The flaw could allow an attacker to remotely execute code on a user's system.But the hacker was denied credit because of his name.

The hacker identifies himself as "Chujwamwdupe" which apparently means sexual intercourse in polish language.MS usually sees to it that hackers who report loopholes and flaws are immediately given credit.This gives the hacker name and fame in the online world.MS repaired the vulnerability as part of its monthly security release on 12 February.When the update was released Microsoft credited discovery of the flaw to iDefense, which in turn credited security researcher Damian Put.

Two days after the patch was released, the angry hacker by the name of 'chujwamwdupe' posted the sample exploit code to security site milw0rm.However this can be misused by cyber criminals since updates for the flaw have not reached everyone.

The link to the exploit code posted by hacker is : http://www.milw0rm.com/exploits/5107
The update to this flaw can be downloaded from: http://www.microsoft.com/protect/computer/updates/bulletins/200802.mspx


Post a Comment

Edited by Youngistan and template from Dicas Blogger
2009 ©Youngistan | Privacy Policy | Disclaimer: Some contents in this blog are either obtained, discovered or found in the public domain and are intended for educational purposes only.We claim no credit for any visual contents, images, or videos unless otherwise noted. If you own rights to any of the contents featured and do not wish them to appear here, please contact us and they will be promptly removed.