On November 14th, Microsoft released the security bulletin MS06-070, regarding a critical vulnerability in the Workstation service. This vulnerability can be exploited across the Internet, by sending specially crafted network messages to a vulnerable Windows XP/2000 computer.
There already exists a PoC (detected as WKSSVC) that exploits this vulnerability. This means we could be facing a real piece of malware using it in the near future (or not…).
As we mentioned in previous posts, this seems to be the "vulnerabilities quarter", so we expect some news about them.
You can find more information at the Malware Encyclopedia.
How lucky that you had already patched your computer…
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
