Microsoft is aware that detailed exploit code demonstrating code execution has been published on the Internet for the vulnerability that is addressed by security update MS08-067. This exploit code demonstrates code execution on Windows 2000, Windows XP, and Windows Server 2003. Microsoft is aware of limited, targeted active attacks that use this exploit code. At this time, there are no self-replicating attacks associated with this vulnerability. Microsoft has activated its Software Security Incident Response Process (SSIRP) and is continuing to investigate this issue.
Our investigation of this exploit code has verified that it does not affect customers who have installed the updates detailed in MS08-067 on their computers. Microsoft continues to recommend that customers apply the updates to the affected products by enabling the Automatic Updates feature in Windows.
-------------------------------------------------
Microsoft seems to confirm that idea that the piece of malware being called Gimmiv.A was the malware used in these observed limited, targeted attacks.
On the MSF front, HD Moore added the first real MS08-067 Metasploit module just about 6 hours ago. It currently supports XP SP2/SP3 + DEP and Windows 2003 SP0/SP1 without DEP, more targets soon...
No comments:
Post a Comment