Another update to exploit?



I didn’t see this reported anywhere, but since yesterday when there was an update to the metasploit module for the WMF vulnerability I think there’s been yet another update. I read yesterday that it had been updated and could evade all known IDS signatures. I downloaded the update to continue my Win98 testing. Then today found that there was another update. I haven’t compared the old/new versions but can’t help but wonder if this means more scrambling of antivirus writers for new signatures to keep up.


Spyware Confidential is linking to an update at Larry Seltzer’s blog updating the situation on antivirus scanning for the exploit.

It’s good to see the list current, I was afraid the 12/31 list was giving a bit of overconfidence.

After I read, I tested the new module variation against clamav and must say it performed very well, 100%.

Related Posts

Blog Traffic Exchange Related Posts
  • Antivirus scanning update for WMF I hung on to the last batch of 20 wmf exploit samples I had been working with for the purpose of testing my clamantivirus install against them to see when "full detection" of all 20 had been acheived. Last night, with version 1227 of the daily.cvd database, they were still......
  • How to Remove TRE Antivirus | TRE Antivirus Removal Guide TRE Antivirus is a new entry in the Wini Family of rogue antivirus software. This family includes SoftCop (SoftCop Removal), Softsoldier (How to remove SoftSoldier), ( TrustFighter TrustFighter Removal Guide, TrustSoldier removal guide and the following others... SafeFighter (Safefighter Removal), TrustCop (TrustCop Removal Guide), SecureWarrior (SecureWarrior Removal), SecurityFighter (SecurityFighter Removal),......
  • Firefox zero-day vulnerability (or is it?) I saw a comment somewhere else that zero-day was overused and in essense ANY previously unknown vulnerability in open source software is technically zero day... the intent here though is to use the word in this context.... "vulnerability has been released without giving the vendor an opportunity to patch..." Yes,......
Blog Traffic Exchange Related Websites
  • Programmer and Blogger Seeks Credit Score Improvment Loan My Prosper Group is proud to present our 3rd listing (2nd endorsed listing)... This listing is attempting to put the social in social capital. The Penny Saved has been a known blogroll buddy of RateLadder for sometime. He asked me about this loan strategy about 2 months ago. This is......
  • Reasons To Ignore Toolbar Pagerank Updates There seems to be this hysteria around Google and its Toolbar updates. Maybe it relates to webmasters and web designers thinking that once Google make this fabled toolbar update that their website will magically jump up in the SERP's. Well I cannot say this clearly enough but if this is......
  • Microsoft Security Bulletin MS10-046 - Critical Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) Published: August 02, 2010¬†|¬†Updated: August 03, 2010 Version: 1.1 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site