Downadup exploits Windows vulnerability

Security researchers at Microsoft Corp. late yesterday warned of a significant increase in exploits of a Windows bug that the software vendor patched with an emergency fix last month, confirming earlier reports by Symantec Corp. Microsoft again urged users to apply the MS08-067 patch if they have not already done so. The new attacks, which Microsoft’s Malware Protection Center said began over the weekend but spiked during the past two days, use the same worm that Symantec first spotted last Friday. Dubbed “Conficker.a” by Microsoft and “Downadup” by Symantec, the worm exploits a vulnerability in the Windows Server service, which is used by all versions of the operating system to connect to file and print servers on a network.

Microsoft patched the bug in an out-of-cycle update five weeks ago, after it discovered a small number of infected PCs, most of them in Southeast Asia. The worm also resets the machine’s system restore point, said Microsoft in its technical write-up, which may make it difficult or impossible to “roll back” Windows to a pre-infection state. PCs that have been patched with the MS08-067 fix are protected, Ziv Mador, researcher with the Microsoft Malware Protection Center, stressed.

Leave a comment | Trackback
Nov 27th, 2008 | Posted in Security, Software
Tags: , ,
No comments yet.

Leave a comment

XHTML: Usable tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
RSS for comments on this post

Disclaimer: For any content that you post, you hereby grant to Deadhouse Gates the royalty-free, irrevocable, perpetual, exclusive and fully sublicensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, perform and display such content in whole or in part, world-wide and to incorporate it in other works, in any form, media or technology now known or later developed. Some rights reserved.