MS08-067 worms squirming in the wild

MS08-067 worms squirming in the wildFirst came Microsoft’s emergency patch. Then the public release of reliable exploit code. Now, virus hunters are reporting two new in-the-wild worms exploiting the critical MS08-067 vulnerability.

The worms, intercepted on Chinese-language versions of Windows, are being used to install a Trojan downloader, a denial-of-service bot and a rootkit to maintain stealthy presence on infected machines.

[ SEE: MS ships emergency patch for Windows worm hole ]

The in-the-wild attacks are using portions of the proof-of-concept code that’s publicly available, according to a source tracking this new threat.

One of the two worms spotted is capable of conducting DDoS (distributed denial-of-service) attacks against several Chinese sites, including the two big search engines Google and Baidu. It also downloads the eMule peer-to-peer program and drops an erotic movie on the hijacked system.

Windows users that have applied the MS08-067 update are not vulnerable to these attacks. Patch now.

[Source: zdnet]