http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=212000278 By Thomas Claburn InformationWeek November 3, 2008 A worm designed to exploit the recently patched vulnerability covered in Microsoft (NSDQ: MSFT) Security Bulletin MS08-067 has been detected, US-CERT, the government's cyber security organization, warned Monday. Just over a week ago, Microsoft issued MS08-067 as an out-of-band patch to fix a critical flaw that could allow a remote attacker to take over Windows computers without any user interaction. The flaw has to do with the way the Microsoft Windows server service handles Remote Procedure Call (RPC) requests. Christopher Budd, a Microsoft Security Response Center (MSRC) program manager, said in a blog post that "the vulnerability is potentially wormable" on older versions of Windows. And other security researchers echoed his concern. It now appears such concerns were well founded. Proof of concept binaries designed to exploit MS08-067 appeared last week. [...] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.orgReceived on Mon Nov 03 2008 - 22:19:22 PST
This archive was generated by hypermail 2.2.0 : Mon Nov 03 2008 - 22:32:51 PST