Well we just had Patch Tuesday, and today is Exploit Thursday. As usual in the days after Microsoft announce their monthly patches we have the usual rush to produce proof of concept implementations of the exploits.

 

Several of the issues released on Tuesday had exploits already, however since then MS08-059 and MS08-066 have received the exploit treatment. The PoC for MS08-059 is in the form of a Metasploit module that has been pushed to the Metasploit SVN here.

Microsoft have also published a useful document on how to run Host Integration Server 2006 as a lower privilege user to help minimise the risk if the service is compromised. You can find the document here.

The next issue from Tuesday to get some loving is MS08-066, the exploit has been released as a ‘k-plugin’ for a tool called ‘kartoffel’. Kartoffel is a tool to allow developers to test device drivers for security, so it looks like the PoC code will likely need some tweaking to make it more useful from a attackers standpoint. You can get the PoC code and Kartoffel here.