Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft April Security Updates - Ms08-021 Exploit In-the-wild


  • Please log in to reply
1 reply to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:06:46 PM

Posted 11 April 2008 - 03:57 PM

Based on ISC and Symantec's warnings below, it appears that MS08-021 is being actively exploited in the wild Posted ImagePosted ImagePosted Image It is advised that folks apply the April updates as quickly as possible using the Windows Update process

Microsoft April Security Updates - MS08-021 Exploit in-the-wild
http://isc.sans.org/diary.html?storyid=4274
www.symantec.com/security_response/threatcon/index.jsp

QUOTE: The ThreatCon is currently at Level 2. The DeepSight honeynet has observed in-the-wild exploit attempts targeting a GDI vulnerability patched by Microsoft on April 8, 2008. The malicious image appears to target the Microsoft Windows GDI Stack Overflow Vulnerability (BID 28570).

At least three different sites are hosting the images; two different malicious binaries are associated with the attacks. Analysis of the images has shown that although they appear to be malicious, they do not contain enough data in the associated image property to sufficiently trigger the vulnerability.

We are still investigating as to why this may be the case. Users are advised to apply the MS08-021 patches immediately. These attack attempts highlight the severity of this issue -- it is only a matter of time before new images that successfully trigger the issue are observed in the wild.

BC AdBot (Login to Remove)

 


#2 skyfuser

skyfuser

  • Members
  • 470 posts
  • OFFLINE
  •  
  • Location:California
  • Local time:03:46 PM

Posted 27 April 2008 - 05:14 AM

So images are causing these malicious things to download or something? >_<
I don't wanna bring out IE again... sigh.
Thanks for update :thumbsup:
"If a man is offered a fact which goes against his instincts, he will scrutinize it closely, and unless the evidence is overwhelming, he will refuse to believe it. If, on the other hand, he is offered something which affords a reason for acting in accordance to his instincts, he will accept it even on the slightest evidence. The origin of myths is explained in this way." - Bertrand Russell




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users