Recent Posts

Community

Email Notifications

Personal Links

Archives

Harry Waldron - Computer Security News

Security Developments, Best Practices, and Important Security Updates

Microsoft April Security Updates - MS08-021 Exploit in-the-wild

Based on ISC and Symantec's warnings below, it appears that MS08-021 is being actively exploited in the wild   It is advised that folks apply the April updates as quickly as possible using the Windows Update process

Microsoft April Security Updates - MS08-021 Exploit in-the-wild
http://isc.sans.org/diary.html?storyid=4274
www.symantec.com/security_response/threatcon/index.jsp

QUOTE: The ThreatCon is currently at Level 2. The DeepSight honeynet has observed in-the-wild exploit attempts targeting a GDI vulnerability patched by Microsoft on April 8, 2008. The malicious image appears to target the Microsoft Windows GDI Stack Overflow Vulnerability (BID 28570).

At least three different sites are hosting the images; two different malicious binaries are associated with the attacks. Analysis of the images has shown that although they appear to be malicious, they do not contain enough data in the associated image property to sufficiently trigger the vulnerability.

We are still investigating as to why this may be the case. Users are advised to apply the MS08-021 patches immediately. These attack attempts highlight the severity of this issue -- it is only a matter of time before new images that successfully trigger the issue are observed in the wild.

Posted: Apr 11 2008, 09:53 PM by Harry Waldron | with 2 comment(s)

Comments

Microsoft news and tips » Microsoft April Security Updates - MS08-021 Exploit in-the-wild said:

Pingback from  Microsoft news and tips » Microsoft April Security Updates - MS08-021 Exploit in-the-wild

# April 13, 2008 1:18 AM

Microsoft news and tips » Microsoft April Security Updates - MS08-021 Exploit in-the-wild said:

Pingback from  Microsoft news and tips » Microsoft April Security Updates - MS08-021 Exploit in-the-wild

# April 13, 2008 1:18 AM