funsec mailing list archives
RPC worm (MS08-067) in the wild
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Mon, 3 Nov 2008 18:26:26 +0200 (EET)
The first e-mail appeared only to bugtraq and full-disclosure, sorry, but is copied here: The worm-type exploitation has started. More information at http://www.f-secure.com/weblog/archives/00001526.html The worm component has reportedly detection name Exploit.Win32.MS08-067.g and the kernel component Rootkit.Win32.KernelBot.dg, in turn. Symantec uses Worm category too and the name W32.Wecorl: http://www.symantec.com/business/security_response/writeup.jsp?docid=2008-110306-2212-99&tabid=2 Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: RPC worm (MS08-067) in the wild Juha-Matti Laurio (Nov 03)
- <Possible follow-ups>
- RPC worm (MS08-067) in the wild Juha-Matti Laurio (Nov 03)