|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Mike Johnson (mike
enoch.org)
Date: Fri Oct 24 2008 - 01:36:36 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Fionnbharr wrote:
> http://blog.threatexpert.com/2008/10/gimmiva-exploits-zero-day-vulnerability.html
>
> "Critical vulnerability in Server Service has only been patched by
> Microsoft (MS08-067), as a new worm called Gimmiv.A has been found
> exploiting it in-the-wild."
Just to split hairs, Gimmiv is a trojan, not a worm. It's just a
keylogger. It in and of itself does not spread. I have no idea why the
Threatexpert blogger called it a worm, everyone else calls it a trojan.
While I do not claim to be an expert, the samples I have seen with my
own eyes are trojans and don't have the ability to spread.
That said, it won't take much for someone to write self-replicating code
exploiting this vulnerability.
Mike
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]