"Several antivirus vendors are reporting on Monday a new round of exploitation of Microsoft’s out-of-cycle security bulletin last month. The flaw in MS08-067, which affects how remote procedure calls (RPC) are handled in the Windows Server Service, has the potential to become a fast-spreading worm, according to Microsoft. But experts predict any exploitation will be bundled within an existing Trojan horse or botnet package because that’s where criminals can make the most money from the malware code.
The way the attack works is that the criminal points his computer at a target PC. The autorooter goes out to the Internet and pulls down exploit code for vulnerabilities including MS08-067. Once the target computer is compromised, the criminal then installs code of choice." – Content courtesy of Bots exploiting Microsoft’s latest RPC flaw | Latest Security News – CNET News
You may also like to read