MS Security Alert - OCT 2008

Thursday, 23 October 2008 14:59

Alert CVE-2008-4250 Microsoft MS08-67 security

MS Security ALERT

Please note a critical security patch has been released out-of-cycle for Microsoft Products.

Please patch ASAP.

http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

http://voices.washingtonpost.com/securityfix/2008/10/microsoft_to_issue_emergency_s_1.html

http://blogs.technet.com/swi/archive/2008/10/23/More-detail-about-MS08-067.aspx

** UPDATE 10/24/08 11:00 EST **

Milw0rm POC: http://milw0rm.com/exploits/6824

Technical Analysis: http://blog.threatexpert.com/2008/10/gimmiva-exploits-zero-day-vulnerability.html

Reports of 7 Variantes at this time: http://blogs.authentium.com/virusblog/?p=284

Ensure you block the following at your Web Gateways:

hxxp://summertime.1gokurimu.com
hxxp://perlbody.t35.com
hxxp://doradora.atzend.com

** UPDATE 10/24/08 14:30 EST **

Details relating to the Microsoft Code that is effected by the worm: http://www.phreedom.org/blog/2008/decompiling-ms08-067/

Snort Rules By Secureworks: http://www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_MS08-067

** UPDATE 10/27/08 09:30 EST **

Details on the Milw0rm POC: http://www.dontstuffbeansupyournose.com/?p=35

Regards,

Jason

Add your comment

Your name:
Your email:
Subject:
Comment:

Word verification:

yvComment v.1.25.3

Like it? Share it!

Add to: JBookmarks

Add to: Facebook

Add to: Del.icoi.us

Add to: StumbleUpon

Add to: Slashdot

Add to: Technorati

Main Menu

My Certifications

BB Training
Certified Ethical Hacker

Certified Application Security Specialist

Tags

This will be shown to users with no Flash or Javascript.