検索:
ホーム   »     »   Malware Exploits MS05-047 Vulnerability

Malware Exploits MS05-047 Vulnerability

  • 投稿日:2005年11月22日
  • 脅威カテゴリ:未分類
  • 執筆:ウイルス解析担当者
0

Just when Microsoft published MS05-047 vulnerability which is dubbed as ‘Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege’ a couple of days after, a remote exploit was publicly posted on FrSIRT.

And just as we expected, a malware that utilizes this exploit follows!

The malware behaves as a backdoor. It installs itself as a service with the name ‘Windows UDP Communication’. To be able to notify the author of the malware, it connects the infected system to particular IRC server/s then only that the attacker can gain control of the affected system. In effect, it registers the affected system as member of a botnet.

Just as other bots, this malware can perform Distributed Denial of Service (DDOS) such as SYN and UDP flood attacks. And the reason why I posted this malware is that it carries an exploit on its body as part of its malicious activites. It exploits the newly published vulnerability abovementioned as one of the commands that the attacker can issue to the affected system remotely!

The malware has been given the detection name BKDR_MOCBOT.A. So, be sure that you have patched up your system to lessen the impact of this kind of malware!

No related posts.



  • 個人のお客さま向けオンラインショップ
  • |
  • 法人のお客さま向け直営ストア
  • |
  • 販売パートナー検索
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • 電子公告
  • ご利用条件
  • プライバシーポリシー
  • Copyright © 2021 Trend Micro Incorporated. All rights reserved.