PDA

Visualizza versione completa : "Wargbot" Malware - Allerta 4 (Update - MS06-040)


Giorgius
14-08-2006, 10.31.00
Alias:
W32.Wargbot (Symantec), WORM_IRCBOT.JK [Trend], WORM_IRCBOT.JL [Trend], IRC-Mocbot!MS06-040 [McAfee], IRCBot.st

Effetti:
W32.Wargbot is a network-aware worm that opens an IRC back door on the compromised computer. It spreads by exploiting the Microsoft Windows Server Service Remote Buffer Overflow Vulnerability (as described in Microsoft Security Bulletin MS06-040).

Info:
http://alerta-antivirus.red.es/virus/detalle_virus.html?cod=6203
http://www.f-secure.com/v-descs/ircbot_st.shtml


Aggiornamento AntiVirus urgente al 14/08/09 ;) (Y)

Giorgius
15-08-2006, 17.21.30
...The Retina-based tool can scan up to 256 systems at once to check specifically for vulnerabilities that leverage MS06-040 as an attack vector. Already downloaded more than 27,000 times, the tool is available online at: http://www.eEye.com/html/resources/downloads/audits/NetApi.html

Leggi: http://biz.yahoo.com/bw/060815/20060815005396.html?.v=1

Giorgius
15-08-2006, 17.22.20
Two worms based on a recently disclosed Windows flaw have been unleashed, but the attacks so far don't appear to be widespread, security experts said...

Leggi: http://www.zdnet.com.au/news/security/soa/Worm_duo_tries_to_hijack_Windows_PCs/0,2000061744,39266486,00.htm?feed=rss

Giorgius
15-08-2006, 17.23.27
However, it was unusual for the US government's anti-terrorism department to call on the public to seal a crack in Windows before attackers broke in.
"This vulnerability could impact government systems, private industry and critical infrastructure, as well as individual and home users," the DHS said in a release. Attackers could take advantage of the software weakness to remotely take control of computers, according to the DHS...

Leggi: http://australianit.news.com.au/articles/0,7204,20091088%5e15306%5e%5enbv%5e15306,00.html?f rom=rss

Giorgius
15-08-2006, 17.24.42
...The bot, dubbed "Wargbot" by Symantec but tagged with a bewildering list of alternate names by other security vendors, "was pretty predictable," said David Cole, the director of Symantec's security response group. "Last night for Europe and this morning in the U.S., we saw a bit of an uptick in [sample] submissions, but that was anticipated. It wasn't massive or even a Cat 3."

Leggi: http://www.desktoppipeline.com/showArticle.jhtml?articleId=192000083

Giorgius
15-08-2006, 17.29.12
Il Test di Retina conferma che la Patch Microsoft è del tutto inefficace per questa falla "seria" di Windows XP (peggiore della falla dell'ormai famoso Virus "Blaster") ;)

Occorre che gli sviluppatori di AntiVirus rilascino un "tool" per sistemare temporaneamente il problema, come già successo in altri casi di sicurezza informatica.