Email Address:
« Scareware Pushers Sued by Washington State & Microsoft | Main | More Reaction to Stallman and the Stupidity of the Cloud »
A post at F-Secure describes an unusual technique for rootkit malware to infect Windows.
Rootkits typically use specialized drivers to mess with the kernel but F-Secure has found a that Worm.Win32.AutoRun.nox uses a vulnerability known as the GDI Local Elevation of Privilege Vulnerability. Microsoft has patched it.
More details are available here.
TrackBack URL for this entry:
http://www.realtime-websecurity.com/type/mt-tb.cgi/870
Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine