[Full-Disclosure] re: First Report : New Blaster?

[Willem Koenings]

> Heya folks. Can I claim possible new Blaster type execution on Windows XP
> SP2 (Buid v. 2096)? Nothing reported by major vendors, but ... 

I don't think so. Beside MS04-007 ASN.1 Remote DoS Exploit, there is
worm called Sepuc. It uses multistage infection method via IE/chm
and injects two dll files to lsass process space thus causing lsass
to crash.

W.


-- 
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm