Home > Security News > Microsoft learns of successful RPC worm infections
Security News:
EMAIL THIS

Microsoft learns of successful RPC worm infections

By SearchSecurity.com Staff
01 Dec 2008 | SearchSecurity.com

Security Wire Daily News
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google

It's been more than a month since Microsoft issued an emergency out-of-band patch to fix a remote call procedure (RPC) flaw, but the software maker says some companies are learning the hard way by failing to deploy the update.

SearchSecurity.com:
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

Microsoft said it has received a "string of reports from customers" saying that they have been infected by a new worm, a backdoor Trojan family that exploits the RPC flaw and then attempts to connect to an IRC server to download more malware and receive additional commands from an attacker.

"We continue to urge customers to deploy the update and make sure their security software is updated with the latest signatures," said Bill Sisk, response communication manager for the Microsoft Security Response Center (MSRC), in an update on MS08-067 emergency patch on the MSRC blog.

Microsoft issued the emergency patch Oct. 23, repairing the vulnerability which left Windows systems dangerously open to attack. It was only the fourth time that Microsoft released a security patch outside of its monthly cycle.

The software maker was worried that attackers could craft a wormable exploit. Within hours after the patch release, security researchers reported the discovery of the first Trojans in the wild attempting to exploit the flaw.



Tags: Malware, Viruses, Trojans and SpywareSecurity Patch ManagementWindows Security: Alerts, Updates and Best PracticesVIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google



RELATED CONTENT
Malware, Viruses, Trojans and Spyware
Schneier-Ranum Face-Off: Is antivirus dead?
Modern malware, stealthy botnets, adapt quickly, expert says
Computer worm infections up, scareware antivirus down, Microsoft says
Web-based attacks skyrocket, pirating sites surge, security firms say
Mini guide: How to remove and prevent Trojans, malware and spyware
Kaspersky system analyzes malicious URLs on Twitter for malware
Silon malware intercepts Internet Explorer sessions, steals credentials
Breach forces payroll service provider PayChoice to shut down again
RSA research underscores problem tracking cybercriminals
Conficker analysis finds P2P coding limited, less sophisticated

Security Patch Management
Squad: Tokenization, Phishing and the Feds
Should management processes change based on a patch release schedule?
Should Windows Mobile updates come from Microsoft?
Adobe updates ColdFusion, JRun, Flex
Trusteer CEO criticizes Adobe, touts better patch deployments
Patch management study shows IT taking significant risks
Vulnerability mitigation study shows need for faster patching
Microsoft to issue security report card, new tool at Black Hat
How to manage patches for Adobe
When is it suitable to remove Java updates?

Windows Security: Alerts, Updates and Best Practices
Microsoft to address flaws in Windows, Office for Mac
Microsoft fixes security update that breaks Internet Explorer
What is the best database patch management process?
Microsoft addresses critical SMBv2 flaw, fixes record number of flaws
Microsoft to address SMB zero-day, IIS FTP Service vulnerabilities
Microsoft releases temporary fix for SMB2 zero-day vulnerability
Microsoft issues SMB vulnerability advisory, patch pending
Attackers target Microsoft IIS; new SMB flaw discovered
Microsoft repairs Windows media, TCP/IP vulnerabilities
Microsoft five critical updates won't include IIS

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
bot worm  (SearchSecurity.com)
directory traversal  (SearchSecurity.com)
government Trojan  (SearchSecurity.com)
Kraken  (SearchSecurity.com)
man in the browser  (SearchSecurity.com)
polymorphic malware  (SearchSecurity.com)
RAT (remote access Trojan)  (SearchSecurity.com)
RavMonE virus  (SearchSecurity.com)
RFID virus  (SearchSecurity.com)
Rock Phish  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



More Tips to Secure Your Network
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts