[ISN] Worm Exploiting Microsoft Windows Server Spotted

From: InfoSec News <alerts_at_private>
Date: Tue, 4 Nov 2008 00:19:22 -0600 (CST)

By Thomas Claburn
November 3, 2008 

A worm designed to exploit the recently patched vulnerability covered in 
Microsoft (NSDQ: MSFT) Security Bulletin MS08-067 has been detected, 
US-CERT, the government's cyber security organization, warned Monday.

Just over a week ago, Microsoft issued MS08-067 as an out-of-band patch 
to fix a critical flaw that could allow a remote attacker to take over 
Windows computers without any user interaction. The flaw has to do with 
the way the Microsoft Windows server service handles Remote Procedure 
Call (RPC) requests.

Christopher Budd, a Microsoft Security Response Center (MSRC) program 
manager, said in a blog post that "the vulnerability is potentially 
wormable" on older versions of Windows. And other security researchers 
echoed his concern.

It now appears such concerns were well founded. Proof of concept 
binaries designed to exploit MS08-067 appeared last week.


Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
Received on Mon Nov 03 2008 - 22:19:22 PST

This archive was generated by hypermail 2.2.0 : Mon Nov 03 2008 - 22:32:51 PST