Microsoft Security Advisory (958963)

Home » Windows & System Security » Security News and Software Updates &... » Microsoft Security Advisory (958963)

Rate Topic

Display Mode

Topic Options

Author

Message

RichieUK

Posted 10/28/2008 3:20 AM

Senior Forum Moderator

Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 29,548, Visits: 54,734

Microsoft Security Advisory (958963)
Exploit Code Published Affecting the Server Service
Published: October 27, 2008
http://www.microsoft.com/technet/security/advisory/958963.mspx

_______________________________________________

ASAP & UNITE member since 2006

Post #244906

RichieUK

Posted 10/29/2008 5:03 AM

Senior Forum Moderator

Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 29,548, Visits: 54,734

Latest Microsoft vulnerability used to steal confidential data
PandaLabs has detected several malicious files that are exploiting the latest vulnerability announced by Microsoft (MS08-067) to infect users and steal confidential data including instant messaging passwords, login credentials used online, etc. The vulnerability affects Microsoft Windows 2000, Windows XP and Windows Server 2003.

One particular strain of malware which exploits this security hole, the Gimmiv.A Trojan, enables its creators to take complete control of the compromised system.
Once a computer has been infected, the Trojan starts gathering the following information:

* User names and passwords entered in Web pages.
* MSN Messenger passwords
* Outlook Express passwords
* System user name
* Computer name
* Patches installed
* Information about the browser

All stolen information is encrypted using the Advanced Encryption Standard (AES) and sent to a remote server.

http://www.net-security.org/malware_news.php?id=1000

_______________________________________________

ASAP & UNITE member since 2006

Post #244921

« Prev Topic | Next Topic »

Reading This Topic

All times are GMT -6:00, Time now is 8:05pm