MS08-067 worms squirming in the wild
First came Microsoft’s emergency patch. Then the public release of reliable exploit code. Now, virus hunters are reporting two new in-the-wild worms exploiting the critical MS08-067 vulnerability.
The worms, intercepted on Chinese-language versions of Windows, are being used to install a Trojan downloader, a denial-of-service bot and a rootkit to maintain stealthy presence on infected machines.
[ SEE: MS ships emergency patch for Windows worm hole ]
The in-the-wild attacks are using portions of the proof-of-concept code that’s publicly available, according to a source tracking this new threat.
One of the two worms spotted is capable of conducting DDoS (distributed denial-of-service) attacks against several Chinese sites, including the two big search engines Google and Baidu. It also downloads the eMule peer-to-peer program and drops an erotic movie on the hijacked system.
Windows users that have applied the MS08-067 update are not vulnerable to these attacks. Patch now.
[Source: zdnet]
Post a Comment