Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Trojan exploiting MS05-053 - TROJ_EMFSPLOIT.A - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Trojan exploiting MS05-053 - TROJ_EMFSPLOIT.A
Trend Micro is reporting a trojan in the wild (TROJ_EMFSPLOIT.A) that is exploiting the recent MS05-053 vulnerability announced on Tuesday.  The trojan causes EXPLORER.EXE to crash, which isn't so much fun for Windows users.

The Trend Micro notice is available at http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_EMFSPLOIT.A.  Fellow handler Pat Nolan did an excellent write-up of MS05-053 issues and recommendations at http://isc.sans.org/diary.php?storyid=831.

Thanks to the dutiful Juha-Matti for bringing this to our attention.
Joshua

34 Posts

Sign Up for Free or Log In to start participating in the conversation!