Author Topic: MS08-067 Worm Dangers  (Read 7277 times)

0 Members and 1 Guest are viewing this topic.

Offline zep516

  • Malware Experts
  • Sr. Member
  • *****
  • Posts: 274
    • View Profile
MS08-067 Worm Dangers
« on: January 15, 2009, 03:42:53 PM »
You're only as safe as your last update.

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 20879
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: MS08-067 Worm Dangers
« Reply #1 on: January 15, 2009, 11:28:04 PM »


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline zep516

  • Malware Experts
  • Sr. Member
  • *****
  • Posts: 274
    • View Profile
Re: MS08-067 Worm Dangers
« Reply #2 on: January 15, 2009, 11:51:23 PM »
You're only as safe as your last update.

Offline Frands

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1069
  • Esbjerg, Denmark
    • View Profile
Re: MS08-067 Worm Dangers
« Reply #3 on: January 16, 2009, 02:36:52 PM »
Our greatest glory is not in never falling but in rising every time we fall.
- Confucius
-----
Trend Micro Internet Security


Home Forums:
https://www.landzdown.com/
http://securitygarden.blogspot.dk/
https://www.classicrockforums.com/

Offline Eric the Red

  • ISO/IEC 27001:2013, CISMP, MRi
  • Administrator
  • Hero Member
  • *****
  • Posts: 1620
  • Would somebody please pass me a beer!
    • View Profile
Re: MS08-067 Worm Dangers
« Reply #4 on: January 16, 2009, 05:23:14 PM »
What the heck, I'll join the party with this offering from the UK Covernment's "Centre for the Protection of National Infrastructure".

Quote
The vulnerability addressed in MS08-067 continues to be exploited by the Downadup / Conficker (and variants) worm.  This advisory acts as a reminder for continued caution.

CPNI are aware of continuing infections of the Downadup / Conficker worm.  CSIRTUK advise extra vigilance at this time and recommend consulting the advice provided on the following websites:

There then follows a list of links.

http://www.cpni.gov.uk/Products/alerts/3747.aspx
"The time to start running is around about the "e" in "Hey, you!" "


Offline pastywhitegurl

  • Hero Member
  • *****
  • Posts: 1180
  • advanced techno feeb
    • View Profile
Re: MS08-067 Worm Dangers
« Reply #6 on: January 21, 2009, 01:37:42 PM »
I didn't read every single article here, but it seems that Windows users are being directed to get this critical update:
KB958644

When I checked my update logs, it seems this update went out in October. This is the date my system was patched:
Friday October 24
Security Update for Windows XP (KB958644)

So is this a continuation of the same warning, or is there a new threat?




Offline R-C

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 2832
  • Laissez les bons temps rouler!
    • View Profile
Re: MS08-067 Worm Dangers
« Reply #7 on: January 21, 2009, 05:37:49 PM »
it just goes to show how many people did not get the windows patch even when it was a special patch that was put out with much publicity and warnings, as an out of band patch.
I even saw tv news broadcasts emphasizing the importance of getting that patch back when it came out.
registered Linux user:476595
May inspiration fill your heart and hands, run down your legs onto your feet and cause Spontaneous Dancing! :dance:

Offline Eric the Red

  • ISO/IEC 27001:2013, CISMP, MRi
  • Administrator
  • Hero Member
  • *****
  • Posts: 1620
  • Would somebody please pass me a beer!
    • View Profile
Re: MS08-067 Worm Dangers
« Reply #8 on: January 21, 2009, 06:04:44 PM »
I didn't read every single article here, but it seems that Windows users are being directed to get this critical update:
KB958644

When I checked my update logs, it seems this update went out in October. This is the date my system was patched:
Friday October 24
Security Update for Windows XP (KB958644)

So is this a continuation of the same warning, or is there a new threat?


Yes, the patch did go out in October and we are now seeing an attack that tries to exploit the vulnerability that that patch closed. Many users, particularly Corporate users, do not use the auto-update feature for fear of the impact that Microsoft's patches may have on their networks - they like to be able to check that the applications that they use are not affected by the patch before they apply it. Those types of users, if they didn't install MS08=067, are particularly vulnerable to this threat. As a home user with the auto-update enabled you should not be under threat if you practice safe computing.



"The time to start running is around about the "e" in "Hey, you!" "

Offline dp

  • Visiting Experts
  • Jr. Member
  • *****
  • Posts: 5
    • View Profile
    • DP's Security Bits
Re: MS08-067 Worm Dangers
« Reply #9 on: January 23, 2009, 10:45:40 AM »
January 22, 2009: MS08-067 Conficker Worm Update

Microsoft Malware Protection Center has published a Threat Research and Response Blog that centralizes Microsoft’s guidance.

Centralized Information About The Conficker Worm

Since the time Microsoft released security update MS08-067, we have released information about MS08-067 exploits and specifically about the Conficker worm in our malware encyclopedia and in multiple blog posts for example here. This blog provides a summary of the available information Microsoft has provided on the Conficker worm and the vulnerability it exploits, which Microsoft addressed with MS08-067.

First, we outline the various attack vectors because it’s important for customers to understand that the Conficker worm utilizes a variety of attack vectors to infect machines. Based on this analysis we follow up with guidance for what customers can do to protect themselves. The first and most important piece of guidance is to immediately deploy the security update associated with Microsoft Security Bulletin MS08-067, if you haven’t already. However, because this worm utilizes a number of additional vectors of attack we provide additional information and guidance to help you build a defense in depth approach. Finally, we close with information and pointers to how to clean up your machine using the Microsoft Malicious Software Removal Tool.

http://blogs.technet.com/mmpc/archive/2009/01/22/centralized-information-about-the-conficker-worm.aspx
Microsoft MVP - Consumer Security since 2004
DP's Security Bits