Exploits aimed at PCs that haven't been patched with October's emergency fix

(Computerworld) Security researchers at Microsoft Corp. late yesterday warned of a significant increase in exploits of a Windows bug that the software vendor patched with an emergency fix last month, confirming earlier reports by Symantec Corp.

Microsoft again urged users to apply the MS08-067 patch if they have not already done so.

The new attacks, which Microsoft's Malware Protection Center said began over the weekend but spiked during the past two days, use the same worm that Symantec first spotted last Friday.

Dubbed "Conficker.a" by Microsoft and "Downadup" by Symantec, the worm exploits a vulnerability in the Windows Server service, which is used by all versions of the operating system to connect to file and print servers on a network. Microsoft patched the bug in an out-of-cycle update five weeks ago, after it discovered a small number of infected PCs, most of them in Southeast Asia.

According to Ziv Mador, a researcher with the Microsoft Malware Protection Center, the new wave of attacks has spread in corporations and hit "several hundred" home users. Most of the infection reports have come from U.S. users, said Mador in a post to the Malware Protection Center's blog, but his team has received calls from users in several other countries, too.


More: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9121660&source=NLT_PM&nlid=8