Site Network: | | Jongsma & Jongsma

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at S?nnet Beskerming.

Username: | Password: Contact us to request an account

MS08-067 Attacks Arrive En-Masse

It has taken just on a month for the first real significant level of attacks against Microsoft's Critical out-of-cycle patch (MS08-067) to arrive. Microsoft's Malware Protection Center and many security companies are busily spreading word about the increase in attacks.

It is possible that the prediction that the week of ThanksGiving is the peak for system infections might just hold up.

From analysis performed by Microsoft, McAfee, Symantec, and others, the worm is known to do the following:

Once the system has been infected, the worm actually patches the vulnerable system calls so that other malware targeting the same vulnerability can not successfully infect the system over the top of the worm.

Somewhat interestingly, the worm is reported to be avoiding infecting Ukraine-based systems, something which might give some insight into who created the worm and why.

The worm is being alternatively described as Downadup or Conficker by different antimalware companies, but it is all the same. There are also several bots that are targeting the vulnerabilities patched in MS08-067.

If the MS08-067 patch has not yet been applied, it is critical that it is applied as soon as possible.

27 November 2008

Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis

Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.