Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

MS08-067 - First Worm Exploiting unpatched systems in the Wi

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts
View previous topic :: View next topic  
Author Message
harrywaldron
Junior Member


Joined: 24 Jul 2007
Last Visit: 09 Apr 2009
Posts: 43
Location: Roanoke, Virginia

PostPosted: Mon Nov 03, 2008 8:37 am    Post subject: MS08-067 - First Worm Exploiting unpatched systems in the Wi Reply with quote

More evidence that the initial buggy and trojan horse based attacks are being refined by the bad guys into a true Internet based worm. If you haven't performed a Windows Update since October 23rd, it's important to do so immediately.


MS08-067 - First Worm Exploiting unpatched systems in the Wild
http://isc.sans.org/diary.html?storyid=5275
http://www.f-secure.com/weblog/archives/00001526.html
http://www.threatexpert.com/report.aspx?uid=919a973d-9fe1-4196-b202-731ebaaffa5d

Quote:
Code building on the proof of concept binaries that were mentioned last week has moved into the wild. We've received the first reports of a worm capable of exploiting the MS08-067 vulnerability. The exploit payload downloads a dropper that we detect as Trojan-Dropper.Win32.Agent.yhi.

The dropped components include a kernel mode DDOS-bot that currently has a selection of Chinese targets in its configuration. he worm component is detected as Exploit.Win32.MS08-067.g and the kernel component as Rootkit.Win32.KernelBot.dg.
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group