Microsoft Warns Software Users of “Critical” Flaw:
Microsoft’s version of that protocol is flawed, and could be used to gain control of the target machine [affected OS versions include Windows NT, Windows 2000 or Windows XP versions of its software, as well as Windows NT Server, Server 2000 and Server 2003]. The company said there was no evidence that any attacks based on the flaw had occurred.
Russ Cooper, a security expert with TruSecure Corporation, said that the latest vulnerability was especially insidious because it could allow attacks on the equivalent of the computer’s immune system. “It’s like AIDS,” he said. “This is the stuff that’s supposed to protect us.”