October 16, 2008, 2:02 PM — Hackers have released code that could be used to take control of a server running Microsoft's Host Integration Server 2006, used to connect mainframe applications to Windows PCs.
The software was released Wednesday as part of the Metasploit hacking toolkit.
Microsoft released a patch for this flaw on Tuesday, as part of its monthly security updates. The bug lies in the SNA (Systems Network Architecture) remote procedure call used by the server to communicate with the mainframe.
Normally, this service would be blocked by a firewall and in a typical configuration the attacker would need to have an account on the Host Integration Server in order to launch the attack. However, poorly configured machines such as test systems might be vulnerable to an attack, said Russ Cooper, a manager with Verizon Business's RISK Team.
This Host Integration Server flaw was one of 20 security bugs patched by Microsoft this month, but it is the first to be exploited by hackers since the patches were released Tuesday.
