US-CERT is aware of public reports of a worm circulating that has the capability of exploiting the patched vulnerability described in Microsoft Security Bulletin MS08-067.
US-CERT encourages users to do the following to help mitigate the risks:
- Review Microsoft Security Bulletin MS08-067 and apply the update or workarounds listed.
- Install antivirus software, and keep the virus signatures up to date.
Symantec has identified W32.Downadup.B as a new worm that is spreading by taking advantage of the RPC vulnerability from MS08-067.