Trend Micro Detection of MS08-067

Body:

Just got this from Trend – they are already detecting known worms that exploit systems not patched with MS08-067 that was released less than 12 hours ago by Microsoft.

http://www.trendmicro.com/vinfo/grayware/ve_graywareDetails.asp?GNAME=TSPY_GIMMIV.A is the first one out of the blocks. I’ve got more background technical info on this and I’ve found that Trends WFBS blocks IE access to the sites where the encrypted files are stored – now that’s good, but YOU STILL NEED TO PATCH YOUR SYSTEMS. You will need Trend Pattern file 615 to detect this worm.

Trend also have a security advisory here

I’ll post more info as it comes to hand. – Thanks Dal for the heads up on this.

Published: 24/10/2008 1:50 PM

Leave a Reply

Your email address will not be published. Required fields are marked *