diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)

Nov042008

Worm exploiting MS08-067 – Microsoft Windows Server spotted

A worm designed to exploit the recently patched vulnerability covered in Microsoft Security Bulletin MS08-067 has been detected, US-CERT, the government’s cybersecurity organization, warned.

F-Secure said it had received reports of a worm designed to exploit MS08-067 in the wild.

“We’ve received the first reports of a worm capable of exploiting the MS08-067 vulnerability,” the company said on its blog. “The exploit payload downloads a dropper that we detect as Trojan-Dropper.Win32.Agent.yhi. The dropped components include a kernel mode DDOS-bot that currently has a selection of Chinese targets in its configuration.”

F-Secure also identified the worm component as Exploit.Win32.MS08-067.g and the kernel component as Rootkit.Win32.KernelBot.dg.

Full Article

Share This Story, Choose Your Platform!