http://www.theregister.co.uk/2008/10/24/trojan_exploits_wormable_microsoft_flaw/ By Dan Goodin in San Francisco The Register 24th October 2008 A day after Microsoft released an emergency patch for a critical flaw that could allow self-replicating attacks, researchers have identified a nasty trojan that attempts to exploit the vulnerability. Variants of the data-stealing trojan known by names including Gimmiv.A and Spy-Agent.da have morphed over the past few weeks to exploit a major weakness in virtually all versions of the Windows operating system. If successful, the exploit could transform the malware into a virulent worm that allows a single infected machine to contaminate any other vulnerable machine over a local network without requiring any interaction on the part of the end users. At the moment, the part of the trojan that exploits the weakness in the Windows server service isn't especially reliable, researchers said. It generally succeeds only when code custom-built for a specific version and language of the OS encounters its intended target. But the limited success has prompted security experts to take seriously Microsoft's warning that the vulnerability is wormable. [...] __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/Received on Mon Oct 27 2008 - 04:39:46 PDT
This archive was generated by hypermail 2.2.0 : Mon Oct 27 2008 - 04:48:44 PDT