Microsoft learns of successful RPC worm infections |
 |
By SearchSecurity.com Staff
01 Dec 2008 | SearchSecurity.com |
|
|
It's been more than a month since Microsoft issued an emergency out-of-band patch to fix a remote call procedure (RPC) flaw, but the software maker says some companies are learning the hard way by failing to deploy the update.
|
| SearchSecurity.com: |
| To get security news and tips delivered to your inbox, click here to sign up for our free newsletter. |
|
|
|
|
Microsoft said it has received a "string of reports from customers" saying that they have been infected by a new worm, a backdoor Trojan family that exploits the RPC flaw and then attempts to connect to an IRC server to download more malware and receive additional commands from an attacker.
"We continue to urge customers to deploy the update and make sure their security software is updated with the latest signatures," said Bill Sisk, response communication manager for the Microsoft Security Response Center (MSRC), in an update on MS08-067 emergency patch on the MSRC blog.
Microsoft issued the emergency patch Oct. 23, repairing the vulnerability which left Windows systems dangerously open to attack. It was only the fourth time that Microsoft released a security patch outside of its monthly cycle.
The software maker was worried that attackers could craft a wormable exploit. Within hours after the patch release, security researchers reported the discovery of the first Trojans in the wild attempting to exploit the flaw.
|
|
|
|
