Worm targets MS08-067 vulnerability

Exploit attack patches flaw once system penetrated.

A worm has been seen taking advantage of the vulnerability in Microsoft's Windows Server Service, patched out-of-cycle last month in the MS08-067 announcement.

cyber-defence-summit

The worm takes advantage of machines yet to be patched by tardy administrators, and once it is installed it proceeds to patch the vulnerability to prevent other malicious attacks from joining it on the victim system. Microsoft reports numerous attempts to exploit the flaw over the past month, but this latest worm is the most widespread and sophisticated.

More details on the outbreak are in a Microsoft malware team blog entry here, with further comment in The Register here, eWeek here or ZDNet here.

1 December 2008

Tags: exploit, microsoft, patch, vulnerability, worm.   

 del.icio.us  digg this! digg this

0 comments

Comments are closed.

Quick Links

Poll
The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Yes
No
I don't know
Leave a comment
View 11 comments

99 Subscription Promo

Malware Prevalence
Autorun |#######|
Encrypted/Obfuscated |#####|
Heuristic/generic |#####|
Sality |####|
Zbot |####|
 View this month's full report

Virus Bulletin currently has 224,229 registered users.