Wednesday, November 26, 2008

More MS08-067 Exploits

"Early last week we blogged about MS08-067 exploits. At that time, the number of exploits in the wild was still low and they were mostly targeted attacks. However, during the weekend we started receiving customer reports for new malware that exploits this vulnerability. During the last two days that malware gained momentum and as a result we see an increased support call volume. The SHA1 hash of the malware is 0x5815B13044FC9248BF7C2DBA771F0E6496D9E536 and we detect it as Worm:Win32/Conficker.A." Technet.com

"At McAfee Avert Labs we have seen a few proof-of-concept binaries using the exploit code that was released into the wild to attack this Windows Server Service vulnerability; the latest is W32/Conficker.worm. According to the description in our Virus Information Library, W32/Conficker.worm decides how it will load itself as a Windows Service depending on whether the compromised version of Windows is Windows 2000." Avert Labs
at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Hack the Box Blue

https://arcy24.medium.com/hack-the-box-blue-f5ae5b602a5c

  • Report: 97% Of Mobile Malware Is On Android. This Is The Easy Way You Stay Safe
    In 2013 Android grew to a very large number: 87%. This was its share of the global smartphone market. It also grew to an even larger one: 97...
  • iVerify
    Pretty neat tool for iOS devices! iVerify is an integrity validator for iOS devices capable of reliably detecting modifications such as mal...
  • Tools/Info:ICMP Types
    ICMP TYPE NUMBERS (last updated 2008-02-13) Registries included below: - ICMP Type Numbers - Code Fields - ICMP Extension Objects Classes Th...