Yup, took this long for someone to start properly abusing the MS08-067 vulnerability. There’s a worm now on the loose that uses the exploit. The worm component comes coupled with a kernel mode DDOS bot that’s been doing the rounds for a while now.
(more…)
View full post on MW-Blog
Related Posts
- Getting Started with Cloud Security and Risks – Favorite Frameworks
The economics and innovation of cloud computing makes the cloud an appealing paradigm even for organizations that would not otherwise consider it due to governance, risk, compliance (GRC) and associa... - Enterprise risk management: Get started in six steps
Let's say your organization doesn't have a formal enterprise risk management program. If you're at a big company, ERM might seem daunting because of silos, inertia and so on.
View full post on Netw... - MS08-067 and Trojan.Gimmiv.A
On 24 October 2008, Microsoft released an out-of-cycle patch that addressed a stack buffer overflow vulnerability in the Microsoft Windows Server service MS08-067, CVE-2008-4250. Per Microsoft, "This ... - MS08-067 and W32.Wecorl
On 2 November 2008, Symantec reported a “worm” called W32.Wercol that attempted to exploit the Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability (MS08-067). The followi... - Getting Started With IPv6
Getting IPv6 up and running
Install the miredo package:
$ sudo apt-get install miredo
After this command, you should see an IPv6 address beginning with "2001:0:" in your network settings (use 'ifconfi... - First PoCs targeting english Windows OS’s on MS08-067
This lovely morning saw the first Proof of Concept binaries targeting the English localized Windows OS’s that are vulnerable to the MS08-067. The exploit payload adds the guest account to the ad...
Posted on 03 May 2010. Tags: MS08067, started
