MS06-040 update



MS06-040 is one of last weeks Windows updates and is the one that was probably the biggest target for “wormable” activity. There’s a good deal of news from over the weekend with regards to this. First: Snort signatures, the MS06-040 exploit was spotted actively “in the wild”, and of course, our perennial friends in the spamming world didn’t waste much time in making use of this one.


The quick turnaround now from vulnerability announcement to the exploit code being rolled up in a usable form REALLY emphasizes how important it is to keep your pc updated. We are in a war – it’s going on all the time and most people don’t notice it (to paraphrase from the recent Dr. Who revival)…. there are a lot of people out there that control a LOT of pc’s. The owners of the pc’s don’t realize it – they think they’ve just got annoying popups, but their computer ceased to be theirs a long time ago and the botnet controllers are eager to keep adding to the size of their army’s.

Why? rent them by the thousands to junk mailers, click fraudsters, illegal content hosting (child pornography/phishing/use your imagination/etc/etc/etc). They can be used to bring a web server to it’s knees silencing companies, or even government sites. They can be used for blackmail. There are a lot of possibilities. The bottom line is there are tens of thousands – possibly hundreds of thousands if not millions of computers out there on the internet owned by botnet herders and they’re always eager to find a way to add to the flock. Every patch day there are possibilities, some of them aren’t too promising, but sometimes there are a few vulnerabilities that are just right and can get rolled into arsenal to “recruit a few more bots.”

It’s interesting to note that in Brian Krebs update to his post on this, there are a number of interesting points – one is that the most recent Microsoft One Care antivirus update that was available for virustotal was almost 10 days old (8/04/06). I wonder if they’ll move towards once a month AV signature updates?….

Related Posts

Blog Traffic Exchange Related Posts
  • Remote Tech Support with x11vnc and wrapper script So, the idea is that I wanted something "like" the Ultranvnc Single Click download, only for linux. The main idea being is that if someone is looking for a bit of desktop tech support on linux, we don't need to be giving instructions for 5 different package managers, or source......
  • A closer look at x11vnc I've got to say, one of the things I really like about linux are the myriad of options for remotely administering a system. SSH is the one I use the most, but for the graphical you have x (especially on the LAN), nxserver (which is a compressed and optionally encrypted......
  • Gigabyte GA-7VT600 Motherboard automatically shutting off I've been struggling off and on with an issue on my Dad's computer the last month or so. He said that it would occasionally just shut off completely out of the blue. (He also admonished me not to spend much time on it. Unfortunately problems like this are usually the......
Blog Traffic Exchange Related Websites
  • Fast WordPress Hosting: Things You Should Check If you're starting a new wordpress blog and want to get the best and fast wordpress hosting service, here are some things you should check before signing up with any web hosting company. Fast Wordpress Hosting Server Uptime Of Hosting This is the first thing you should check as you......
  • iYogi iYogi is the world’s-fastest growing provider of comprehensive direct-to-consumer and small business remote tech support.With McAfee Sec - UR -rity ... U R at the center. Get Free Tech Support for Installation and Setup iYogi has more than 200,000 consumer and small business customers across four countries for its......
  • Review: GOOGLE's Android 2.3, Look At The Past Present And Future Of This Phenomenon. ANDROID 2.3, aka Gingerbread : RedLine Computing reviews To fully understand what this new phenomenon is, we have to start at the beginning. Let’s have a look at the history behind Android 2.3. Android was initially developed by Android Inc., as a mobile operating system. It is based upon a......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site