Hi malware fighters,
In order to be able to infect Windows' users easier, quite a number of hackertoolkits are being made available, for instance Neosploit. Just like other toolkits, like IcePack, MPack or Webattacker, it uses security leaks in various programs to install malware onto a system. Neosploit made the news last year because it was used to infest visitors of sites like Company.monster.com, Eddie Bauer, GMAC Mortgage, BestBuy, Toyota Financial en Tricounties Bank.
The lastest version of Neosploit, gaining popularity, a major exploit was taken off, that is the Winzip leakage. "This is remarkable", according to Exploit Prevention Lab's Roger Thompson. Well this rootkit remains very dangerous, because it contains the following exploits for these vulnerabilities:
1. MDAC, Windows 2000, XP en Server 2003 (April of 2006).
2. QuickTime (not known which actually).
3. AOL SuperBuddy (Aprill of 2007).
4. NCTsoft Products NCTAudioFile2 ActiveX buffer overlow (January of 2007).
5. GOM Player GomWebCtrl.GomManager.1 ActiveX control (October of 2007).
6. SetSlice, Windows 2000, XP SP1 and Server 2003 (October of 2006).
7. ANI, Windows 2000, XP, Server 2003 (April of 2007).
So watch out where you go, update and patch,
pol