tkrabec
New Member
- Reaction score
- 3
- Location
- Indiantown
There are some major flaws in Microsoft's implementation of RPC in realtion to SMB shares. I have a quick write up for non techies here smbminute.com/?p=16. Here is Microsoft's link http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
I've been hanging out and talking to the fine folks at #dshield & pauldotcom on irc (irc.freenode.net). The consensus seems to be that this has a very good chances of being weaponized and turned into a worm, that has the potential to be worse the Blaster worm from 2003. I know that companies like Immunity and Core are working hard to get their exploits written to include in their Pentesting & auditing applications. Given how close the goody guys are, and knowing that Microsoft said there were ~100 or so compromised hosts in the wild.
I would suspect this will be weaponized within the week. Please get your customes to patch, quickly, test the patches where necessary, but roll them out.
I've been hanging out and talking to the fine folks at #dshield & pauldotcom on irc (irc.freenode.net). The consensus seems to be that this has a very good chances of being weaponized and turned into a worm, that has the potential to be worse the Blaster worm from 2003. I know that companies like Immunity and Core are working hard to get their exploits written to include in their Pentesting & auditing applications. Given how close the goody guys are, and knowing that Microsoft said there were ~100 or so compromised hosts in the wild.
I would suspect this will be weaponized within the week. Please get your customes to patch, quickly, test the patches where necessary, but roll them out.