Members
Stats
  • Total Posts: 28498
  • Total Topics: 8238
  • Online Today: 842
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: Microsoft confirm over 25 000 atacks by Obitel malware (MS10-042, fix, delete..)  (Read 2515 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Microsoft urged Windows users to update their software Tuesday, saying it's now seen more than 25,000 attacks leveraging one of the critical bugs fixed in July's monthly security patches.

Microsoft researchers tracked a "fairly large," spike in Web based attacks that exploit the problem over the past weekend, the company said in a blog postingTuesday. "As of midnight on July 12 (GMT), over 25,000 distinct computers in over 100 countries/regions have reported this attack attempt at least one time": http://blogs.technet.com/b/mmpc/archive/2010/07/13/update-on-the-windows-help-and-support-center-vulnerability-cve-2010-1885.aspx

On the busiest single day, Microsoft researchers tracked more than 2,500 attacks, a small number considering Windows' massive user-base. Still, Microsoft and security experts are worried about this flaw because it's been publicly known for more than a month, and has shown up in real-world attacks.

Users in Russia are now the most-targeted, Microsoft said. They have accounted for 2 percent of all attacks, which translates to about 10 times the total number of attacks per computer as the worldwide average. Portugal is the number-two most-targeted region.

Successful attacks secretly install malicious software on the victim's machine, often a program called Obitel. Once Obitel is on a PC, it enables other malware to be loaded, such as malware that can log keystrokes, send spam, or perform other nefarious task.

Two weeks ago, the total number of attacks logged by Microsoft was 10,000.

Security experts say the flaw is being exploited in drive-by Web attacks that are triggered by malicious code placed on hacked or malicious Web sites, although it could also be triggered in other applications -- e-mail readers, for example -- that can interact with Web pages.

To protect themselves from these attacks, Windows users need to install the MS10-042 update: http://www.microsoft.com/technet/security/Bulletin/MS10-042.mspx , released Tuesday.
It fixes a bug in the Windows Help and Support Center, which ships with Windows XP. Although this flaw also affects Windows Server 2003, Microsoft has only seen Windows XP attacks used by criminals.

More-recent versions of Windows such as Vista, Server 2008 and Windows 7 are not affected.

(PCW)

Samker's Computer Forum - SCforum.info





vishwanath99

  • SCF Member
  • **
  • Posts: 61
  • KARMA: 6
  • Gender: Male
Hi, Samker
    What exactly this vulnerability. What r d ports, network is this uses.
which part of Os is it hits. Is there any manual solutions for it. other then up date 

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Hi, Samker
    What exactly this vulnerability. What r d ports, network is this uses.
which part of Os is it hits. Is there any manual solutions for it. other then up date 

Hi Vishwanath,

"This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if a user views a specially crafted Web page using a Web browser or clicks a specially crafted link in an e-mail message. The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must click a link listed within an e-mail message."

If you have automatic updating enabled you'll not need to take any action because this security update will be downloaded and installed automatically.

If you don't have enabled automatic updating, check for updates and install this update manually.

More info's and download here: http://www.microsoft.com/downloads/details.aspx?familyid=7C2122BB-0ECF-4467-A3BA-6FB862F603C5&displaylang=en

Regards,

S.


Fintech

  • SCF Advanced Member
  • ***
  • Posts: 329
  • KARMA: 41
  • Gender: Male
I have in my both machines Windows 7 and they are protected from that!
I'm old man but still alive as well :)

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
I have in my both machines Windows 7 and they are protected from that!


Yeah, old XP is still main target for Malware creators...


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising