Threat Level: green Handler on Duty: Basil Alawi S.Taher

SANS ISC: InfoSec Handlers Diary Blog - Trojan exploiting MS05-053 - TROJ_EMFSPLOIT.A (updated 2005-11-15) InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Trojan exploiting MS05-053 - TROJ_EMFSPLOIT.A (updated 2005-11-15)

Published: 2005-11-15
Last Updated: 2005-11-15 20:09:55 UTC
by Joshua Wright (Version: 3)
0 comment(s)
UPDATE: In a story reported yesterday (here), TrendMicro apparently now admits their analysts mis-anlyzed this trojan and that it does not actually exploit MS05-053.

Trend Micro is reporting a trojan in the wild (TROJ_EMFSPLOIT.A) that is exploiting the recent MS05-053 vulnerability announced on Tuesday.  The trojan causes EXPLORER.EXE to crash, which isn't so much fun for Windows users.

The Trend Micro notice is available at their site.  Fellow handler Pat Nolan did an excellent write-up of MS05-053 issues and recommendations at http://isc.sans.org/diary.php?storyid=831.

Thanks to the dutiful Juha-Matti for bringing this to our attention.


Keywords:
0 comment(s)
Diary Archives