rootkits spread via crafted midi files on websites

[Galdorf]

Wow something i did not know about those exploits keep getting strange.

Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)

[YeOldeStonecat]

Back doors have been using media files for years....lots of netbot agents get spread by people that like to download ...uhm..."free"...music and movies. Through that torrent/p2p crap. It's called "poisoned content"....the movie or music file is edited and a nice little package is in there...so when you "play" it...your computer quietly gets infected with a nice little netbot agent. So when you go to play that movie or song tonight..that you just downloaded from some unknown source....surprice..your computer silently had something else installed.

[NYJimbo]

Quote:

Originally Posted by YeOldeStonecat

Back doors have been using media files for years....lots of netbot agents get spread by people that like to download ...uhm..."free"...music and movies. Through that torrent/p2p crap. It's called "poisoned content"....the movie or music file is edited and a nice little package is in there...so when you "play" it...your computer quietly gets infected with a nice little netbot agent. So when you go to play that movie or song tonight..that you just downloaded from some unknown source....surprice..your computer silently had something else installed.

+1 . This stuff has been around for years. All this patch does is fix WMP, which has been "fixed" several times before for the same reasons.

[iisjman07]

Is this still an active threat; that thread is from January?

[Galdorf]

Quote:

Originally Posted by iisjman07

Is this still an active threat; that thread is from January?

Most customers i see don't have updates so yea if a site has this exploit they can get infected, most customers have compromised windows update that malware prevents it from working.