0 Members and 1 Guest are viewing this topic.
Microsoft said late Wednesday that it plans to break out of its monthly patch cycle to issue a security update today for a critical vulnerability in all supported versions of Windows.
Update, 12:45 p.m. ETMy source, who asked not to be identified because Microsoft has not yet publicly discussed the details, said Redmond has acknowledged that criminals have for the past three weeks been using the vulnerability to conduct targeted attacks.
QuoteMicrosoft said late Wednesday that it plans to break out of its monthly patch cycle to issue a security update today for a critical vulnerability in all supported versions of Windows.Got it-Thanks FWF Security Update for Windows XP (KB958644)
[off-topic]It will be interesting to see what is in Vista SP2. It does seem an unsightly hast to get to SP2 on XP that took some time.[/off-topic]
Got the update but it knocked out my USB wireless so I had to re-install the drivers
– We have samples in-house of the trojans in-the-wild that are being used in targeted attacks, taking advantage of this exploit. These are currently only targeted attacks, not being used broadly by malware authors.
The vulnerability - which has been subjected to "limited, targeted attacks" - could allow miscreants to create wormable exploits that remotely execute malicious code on vulnerable machines, Microsoft said. No interaction is required from the end user.
Data-Stealing Trojan Exploiting Just-Patched Windows FlawMicrosoft Windows users who have not yet applied the security update that Redmond released yesterday should take a minute to do that now: Security experts are warning that at least one Trojan horse program with apparent spreading capabilities is in circulation, and that we are likely to see additional malware exploiting the flaw in the coming days....Sunbelt Software says they're not able to verify ThreatExpert's claims that Gimmiv.a is anything more than a data-stealing Trojan, calling claims that the Trojan also functions as a network worm as "misinformation."Regardless, this is a nasty vulnerability, period. If you haven't patched, do it now. If history is any teacher, Sunbelt's estimation of the threat is probably spot-on: "We would make an educated guess that a worm will hit soon (maybe in the next day or so).
No, we're not at worm stage... (yet)Correction: There is a worm component. (Yes, the trojan itself isn't a worm. But that overlooks the behavior of a dll, a dll dropped by Gimmiv, which is a worm. Now, that doesn't mean we're at a SQL Slammer type worm stage. This Trojan has to get into a system. But, nevertheless, I stand corrected.)There’s some misinformation going on out there that there is already a worm targeting MS08–067. We haven’t been able to verify this.Looking at the particular trojan that blog mentioned, it seems to me to be a trojan related to the MS08–067 attacks that I took a quick look at this morning: