  • May 7, 2003 - Current Activity

    This is an archived copy of current activity. If you would like to see the most recent version, please click here.

  • Peido-B Trojan / "Mother's Day" Virus (new)
  • Buffer Overflow Vulnerability in Core Windows DLL
  • Increased Activity Targeting Windows Shares



    Peido-B Trojan Horse / "Mother's Day" Virus
    added May 7

    The CERT/CC has received reports of a trojan program known as "Peido-B", "VBS/Inor.B", or "Mother's Day Virus". It arrives in an email masquerading as an 'undeliverable' message. Upon opening the attachment, an executable file is downloaded and run on the victim's machine.

    The CERT/CC strongly encourages users to install anti-virus software and keep its virus information files up to date.

    Companies may also wish to consider:

  • Filtering email attachments with the extension 'hta', and
  • Monitoring outgoing traffic for HTTP GET requests for EXE files.

    You may also wish to visit the CERT/CC's computer virus resources page.
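
    The two checks suggested above, written as an added Python example that is not CERT/CC's own code: one function lists .hta attachments in a raw email, the other picks HTTP GET requests for .exe paths out of access-log lines. The function names, the common log format, and the sample mail and log lines are assumptions constructed for illustration.

```python
import email
import re
from email import policy
from urllib.parse import unquote, urlsplit

# Request field of a common/combined-format access log line (assumed format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def hta_attachments(raw_message: bytes) -> list:
    """Return the filename of every MIME part whose name ends in .hta."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():  # walks nested multiparts too
        # Content-Disposition filename, else the Content-Type name parameter.
        name = part.get_filename()
        # Windows ignores trailing dots and spaces, so strip them first.
        if name and name.rstrip(". ").lower().endswith(".hta"):
            hits.append(name)
    return hits

def exe_get_requests(log_lines) -> list:
    """Return the log lines that record a GET for a path ending in .exe."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if not m or m.group("method") != "GET":
            continue
        # urlsplit accepts absolute URLs (proxy logs) and bare paths, and
        # drops the query string so "?q=a.exe" alone does not match.
        path = unquote(urlsplit(m.group("target")).path)
        if path.lower().endswith(".exe"):
            hits.append(line)
    return hits

# Constructed sample inputs (not taken from a real incident).
SAMPLE_MAIL = b"""\
Subject: Undeliverable mail
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="notice.HTA"

placeholder
--b1--
"""
SAMPLE_LOG = [
    '10.0.0.5 - - [07/May/2003:10:00:01 +0000] "GET http://files.example.com/a/Setup.EXE HTTP/1.0" 200 4096',
    '10.0.0.6 - - [07/May/2003:10:00:02 +0000] "GET http://www.example.com/search?q=a.exe HTTP/1.0" 200 512',
    '10.0.0.7 - - [07/May/2003:10:00:03 +0000] "GET /dl/tool%2Eexe HTTP/1.1" 200 2048',
]
```

    Matching on the decoded URL path rather than the raw request string catches upper-case and percent-encoded extensions and avoids flagging requests that only mention ".exe" in a query string.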


    Buffer Overflow Vulnerability in Core Windows DLL
    added March 19

    A buffer overflow vulnerability exists in ntdll.dll. This vulnerability may allow a remote attacker to execute arbitrary code on the victim machine.

    An exploit is publicly available for this vulnerability, which increases the urgency for system administrators to apply a patch. The CERT/CC strongly encourages sites running Windows to read CERT Advisory CA-2003-09, examine their systems for signs of compromise, and apply the appropriate patch as soon as possible.


    Increased Activity Targeting Windows Shares
    updated March 13 | portions added March 10, March 13

    The CERT/CC has received reports of propagation of a worm known as W32.Deloder, as well as other malicious code that exploits network shares with null or weak Administrator passwords on Windows 2000/XP systems. This malicious code propagates via port 445/tcp and often installs backdoor applications on compromised systems. Additional details can be found in CERT Advisory CA-2003-08.