Advertisement
Panda Security
OXYGEN 3, E-bulletin on IT security

"Genius is eternal patience"

Michelangelo di Lodovico Buonarroti Simoni (1475-1564), Italian painter, sculptor and architect
(November 1, 1512, the Sistine Chapel was inaugurated)

 

Latest Microsoft vulnerability used to steal confidential data

PandaLabs, Panda Security's malware detection and analysis laboratory, has detected several malicious files that are exploiting the latest vulnerability announced by Microsoft (MS08-067) to infect users and steal confidential data including instant messaging passwords, login credentials used online, etc.

The vulnerability affects Microsoft Windows 2000, Windows XP and Windows Server 2003. You can check your system here: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

The risk involved in this type of vulnerability is considerable. Users are strongly advised to update their systems as soon as possible, as cyber-criminals have already begun to exploit this security flaw. As long as computers remain unpatched, they will be vulnerable to any of these new malicious codes.

"In addition to email and infected downloads, these vulnerability-exploiting malicious codes are being distributed directly across the Internet, even from legitimate Web pages, so users won't even realize they have been infected", explains Luis Corrons, Technical Director of PandaLabs.

One particular strain of malware which exploits this security hole, the Gimmiv.A Trojan, enables its creators to take complete control of the compromised system.

Once a computer has been infected, the Trojan starts gathering the following information:

  • User names and passwords entered in Web pages.

  • MSN Messenger passwords

  • Outlook Express passwords

  • System user name

  • Computer name

  • Patches installed

  • Information about the browser

    • All stolen information is encrypted using the Advanced Encryption Standard (AES) and sent to a remote server.

    "As the Trojan allows systems to be controlled remotely, they can then be used maliciously, say, for sending spam, storing stolen data, etc.", explains Corrons.: "Instant messaging is widely used in both corporate and domestic environments nowadays and this Trojan allows cyber-crooks complete access to information sent across this channel".

    PandaLabs advises users to update their operating systems as soon as possible and carry out a full scan of their computers. This can be done free from: www.pandasecurity.com/activescan

    For up-to-date computer security news go to the Panda Security Twitter.
    www.pandasecurity.com
     
    Panda protect your privacity.
    To unsubscribe from Oxygen3, please click here.    		 © Panda 2008