"We have received a report on TCP port 1025 scan. David has observed an increase in port 1025 scan and submitted some packet captures to us. From the captured packet, it contains a request to interface UUID: 906b0ce0-c70b-1067-b317-00dd010662da and BuildContextW (opnum 7) RPC function. Part of the packet payload resembles the MSDTC exploit. This appears to be exploiting MS05-051 vulnerability as described in eEye advisory. If you have seen similar observation, do drop us a note."
today they posted a graph of increased activity here.
The part that I found interesting, "Over the last hour, 37 % of the visitors to this site were vulnerable to the Internet Explorer 0-day exploit. (result based on browser version and javascript enabled)
You are considered not vulnerable" Are you vulnerable? click here to find out.
--MissM
No comments:
Post a Comment
All comments are moderated.
Note: Only a member of this blog may post a comment.