Blog

January 2009

Sighting of Kido Worm

0

Estimated reading time: 1 minute

The worm spread by exploiting the RPC vulnerability MS08-067, It also attempted to brute-force user passwords when connecting to the ADMIN$ share of systems on the local network.

Microsoft Updates

0

Estimated reading time: 1 minute

Overview of the January 2009 Microsoft patches and their status. MS09-001 Vulnerabilities in SMB Could Allow Remote Code Execution.

DNS poisoning vector

0

Estimated reading time: 1 minute

The Internet Systems Consortium has released an update for all supported BIND 9.x versions. In this update a potential DNS poisoning vector has been addressed. The problem appears to affect only specific BIND configuration where DNSSEC has been enabled. Refer to the ISC BIND Server software Index