Windows Help and Support Center Vulnerability - CVE-2010-1885 in numbers

    The background: on June 10, the notorious Google engineer Tavis Ormandy, aka taviso, disclosed a vulnerability in the mechanism that checks hcp:// calls to the Microsoft Windows Help Center. In fact, he not only announced the vulnerability but also published the source code of the exploit. MS complained about this comrade, saying that he gave them too little time to close the vulnerability and, in general, made it public needlessly, but I don't want to discuss the moral side here. A little later, the exploit appeared in the Metasploit repository.


    A few days after taviso's statement, MS released figures on the number of attacks it had recorded that used this vulnerability.

    The graph clearly shows an avalanche-like increase in the number of recorded attacks, and in spite of even my own statistics, no decision was made to release an emergency update. Russia was among the leaders in the number of recorded incidents.

    Win Server 2003 (x32 / x64) and Win XP SP2 / SP3 (x32 / x64) were vulnerable for more than a month, but today the update MS10-042 finally covers this vulnerability.

    In anticipation of the patch release, MS updated this data and it turned out even more interesting:

    The total number of daily incidents has increased significantly, and in terms of the number of attacks, we overtook Portugal and broke into first place.
