[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Windows RPC worm (MS08-067) in the wild

To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Windows RPC worm (MS08-067) in the wild
From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
Date: Mon, 3 Nov 2008 15:52:13 +0200 (EET)

The worm-type exploitation has started. More information at
http://www.f-secure.com/weblog/archives/00001526.html

The worm component has reportdly detection name Exploit.Win32.MS08-067.g and 
the kernel component Rootkit.Win32.KernelBot.dg, in turn.

Symantec uses Worm category too and the name W32.Wecorl:
http://www.symantec.com/business/security_response/writeup.jsp?docid=2008-110306-2212-99&tabid=2

Juha-Matti

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] 0day offer.
Next by Date: Re: [Full-disclosure] Securing our computers?
Previous by thread: Re: [Full-disclosure] Odays offers
Next by thread: Re: [Full-disclosure] Windows RPC worm (MS08-067) in the wild
Index(es):
- Date
- Thread