The network worm and backdoor Trojan, Donk-D, has been reported in the wild, warns anti-virus company Sophos.

Copying itself to network shares with weak passwords, it also attempts to spread by exploiting the now-familiar vulnerabilities in Windows RPCSS service - see also today's story New RPC flaw in Windows.

This allows the worm to execute its code on target computers with System level priviledges, which was the flaw first addressed by Microsoft security bulletin MS03-026. Backdoor Trojan functionality also enables a remote attacker to control the computer via IRC channels.

source: pcpro


The wise make mistakes, the fools repeat them
----------------------------------------
When you have eliminated the impossible, that which remains, however improbable, must be the truth