MS08-067 is being actively exploited...

Here is just one example:
http://vil.mcafeesecurity.com/vil/content/v_152898.htm

ThreatExpert blog:
http://blog.threatexpert.com/2008/10/gimmiva-exploits-zero-day-vulnerability.html

You're patching, yes?

Watch out for crashes affecting svchost.exe and netapi32.dll.

ISC have raised their threat level to Yellow.

There are two more webcasts set up:

For the Thursday, 10/23/08, 5:00 PM Webcast, customers can register at:
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032394183&Culture=en-US

For the Friday, 10/24/08, 11:00 AM Webcast, customers can register at:
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032394179&Culture=en-US

A recording of the original webcast is now available:
http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032393978&EventCategory=4&culture=en-US&CountryCode=US

So far we know that the bad guys already exploiting the vulnerability have been using:

doradora.atzend.com (69.162.76.42)
perlbody.t35.com (66.45.237.219)
summertime.1gokurimu.com (59.106.116.229) (note: disog.org has mis-spelled this domain name)
59.106.145.58

Cite: http://www.disog.org/

Published Fri, Oct 24 2008 13:10 by sandi