There has been a public disclosure of a vulnerability in Microsoft's HCP protocol, as used by versions of Microsoft Windows 2003 and XP. This vulnerability is critical, remotely exploitable, and can lead to remote code execution.

Network Box is working with Microsoft, under our MAPP partnership, to urgently PUSH protection signatures for the various vectors that this can be exploited through. We have already released our initial protection signatures (NB.hcpexploit.heur.a) to all our customers, and will be closely monitoring for public exploits.

Mike Reavey, Director, MSRC at Microsoft, comments on the MSRC blog: "This issue was reported to us on June 5th, 2010 by a Google security researcher and then made public less than four days later, on June 9th, 2010. Public disclosure of the details of this vulnerability and how to exploit it, without giving us time to resolve the issue for our potentially affected customers, makes broad attacks more likely and puts customers at risk.". He also goes on to say that "one of the main reasons we and many others across the industry advocate for responsible disclosure is that the software vendor who wrote the code is in the best position to fully understand the root cause. While this was a good find by the Google researcher, it turns out that the analysis is incomplete and the actual workaround Google suggested is easily circumvented. In some cases, more time is required for a comprehensive update that cannot be bypassed, and does not cause quality problems."

Back