Go Back   Technibble Forums > Technical Discussions > Security, Viruses and Trojans

  Technibble Sponsor

Reply
 
Thread Tools Display Modes
  #1  
Old 06-26-2012, 03:57 PM
Galdorf Galdorf is online now
 
Join Date: Feb 2009
Location: Ontario, Canada
Posts: 1,683
Galdorf will become famous soon enough
Default rootkits spread via crafted midi files on websites

Wow something i did not know about those exploits keep getting strange.

Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)
Reply With Quote
  #2  
Old 06-26-2012, 04:19 PM
YeOldeStonecat's Avatar
YeOldeStonecat YeOldeStonecat is online now
 
Join Date: Nov 2011
Location: Southeast Connecticut
Posts: 7,918
YeOldeStonecat is a splendid one to beholdYeOldeStonecat is a splendid one to beholdYeOldeStonecat is a splendid one to beholdYeOldeStonecat is a splendid one to beholdYeOldeStonecat is a splendid one to beholdYeOldeStonecat is a splendid one to behold
Default

Back doors have been using media files for years....lots of netbot agents get spread by people that like to download ...uhm..."free"...music and movies. Through that torrent/p2p crap. It's called "poisoned content"....the movie or music file is edited and a nice little package is in there...so when you "play" it...your computer quietly gets infected with a nice little netbot agent. So when you go to play that movie or song tonight..that you just downloaded from some unknown source....surprice..your computer silently had something else installed.
__________________
Resident "Geek on a Harley" doing IT in Southeast Connecticut
http://www.dynamic-alliance.com/
https://www.facebook.com/YeOldeStonecat
Reply With Quote
  #3  
Old 06-26-2012, 04:32 PM
NYJimbo's Avatar
NYJimbo NYJimbo is offline
 
Join Date: Jul 2008
Location: Long Island, you know, like the iced tea.
Posts: 6,660
NYJimbo is a glorious beacon of lightNYJimbo is a glorious beacon of lightNYJimbo is a glorious beacon of lightNYJimbo is a glorious beacon of lightNYJimbo is a glorious beacon of light
Default

Quote:
Originally Posted by YeOldeStonecat View Post
Back doors have been using media files for years....lots of netbot agents get spread by people that like to download ...uhm..."free"...music and movies. Through that torrent/p2p crap. It's called "poisoned content"....the movie or music file is edited and a nice little package is in there...so when you "play" it...your computer quietly gets infected with a nice little netbot agent. So when you go to play that movie or song tonight..that you just downloaded from some unknown source....surprice..your computer silently had something else installed.
+1 . This stuff has been around for years. All this patch does is fix WMP, which has been "fixed" several times before for the same reasons.
Reply With Quote
  #4  
Old 06-26-2012, 04:32 PM
iisjman07's Avatar
iisjman07 iisjman07 is offline
 
Join Date: Jul 2009
Location: South End Of The UK
Posts: 3,049
iisjman07 has a spectacular aura aboutiisjman07 has a spectacular aura about
Default

Is this still an active threat; that thread is from January?
__________________
put that in your pipe and grep it
Reply With Quote
  #5  
Old 06-26-2012, 05:11 PM
Galdorf Galdorf is online now
 
Join Date: Feb 2009
Location: Ontario, Canada
Posts: 1,683
Galdorf will become famous soon enough
Default

Quote:
Originally Posted by iisjman07 View Post
Is this still an active threat; that thread is from January?
Most customers i see don't have updates so yea if a site has this exploit they can get infected, most customers have compromised windows update that malware prevents it from working.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 10:09 PM.


Powered by vBulletin®
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Technibble.com is based out of MELBOURNE, AUSTRALIA.