Thursday, October 23rd, 2008
"MS08-067 - Remote RPC based code execution
Microsoft has announced an out of cycle patch for this vulnerability. They report that it affects Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.
The vulnerability is quite serious and can be exploited by network worms. Currently there is one known worm that tries to exploit this vulnerability. We (and hopefully most other AV vendors) call it W32/Gimmiv.A. We have released definition files that detect it.
We strongly suggest that all Windows based computers be behind a firewall and that all RPC traffic be blocked. We also strongly suggest applying this patch when it is available.
Initial reports suggest that W32/Gimmiv.A can be a password stealer."
Thursday, October 23rd, 2008