Hi, Michael here. Every bug is an opportunity to learn, and the security update that fixed the data binding bug that affected Internet Explorer users is no exception.

Posted by Steve Shockley on Dec 03
On 12/3/2008 12:24 AM, VMware Security team wrote:
> A memory corruption condition may occur in the virtual machine
> hardware. A malicious request sent from the guest operating
> system to …

Posted by Memisyazici Aras on Nov 25
<RANT>
<snip:: taken from MSRC Blog: http://blogs.technet.com/msrc/archive/2008/11/11/ms08-068-and-smbrelay.aspx>
What we released today with MS08-068 is that security update. It addresses the SMBRelay issue (discovered in 2001) does so in a …

Posted by Valdis.Kletnieks_at_vt.edu on Nov 21
On Thu, 20 Nov 2008 23:28:31 CST, Fredrick Diggle said:
> everyone’s best interest. Also Diggle Sec is working on iptables
> patches to allow those who do not want to …

Posted by Debasis Mohanty on Nov 17
Having not found one (except msf) that reliably works against my own setup
thought of writing my own MS08-067 exploit piece. Plugged the shellcode for
win2k and win2k3[sp2]. No plans for …

Click the edit link above to add more information. … team has released new revisions for MS08-053 (KB954156) and MS08-0… Read more…

Read the rest here:
47962: Microsoft Windows Media Encoder wmex.dll ActiveX Overflow

Posted by n3td3v on Nov 8
There is no evidence of 0day in the wild for the upcoming patches and
Microsoft have released no information to suggest so.
On Fri, Nov 7, 2008 at 4:18 PM, <Valdis.Kletnieks_at_vt.edu> …

Posted by Juha-Matti Laurio on Nov 3
Kaspersky detect the new wave as
Exploit.Win32.MS08-067.g
and Microsoft as
Exploit:Win32/MS08067.gen!A
Sophos uses name Mal/Generic-A.
One of the reported file size is 16,384 bytes:
http://www.threatexpert.com/report.aspx?uid=919a973d-9fe1-4196-b202-731ebaaffa5d
Windows RPC vulnerability…

Read the rest of the …

Posted by Juha-Matti Laurio on Nov 3
Kaspersky detect the new wave as
Exploit.Win32.MS08-067.g
and Microsoft as
Exploit:Win32/MS08067.gen!A
Sophos uses name Mal/Generic-A.
One of the reported file size is 16,384 bytes:
http://www.threatexpert.com/report.aspx?uid=919a973d-9fe1-4196-b202-731ebaaffa5d
Windows RPC vulnerability…
Read more:
Re: [Full-disclosure] Windows RPC …

Posted by Juha-Matti Laurio on Nov 3
The worm-type exploitation has started. More information at
http://www.f-secure.com/weblog/archives/00001526.html
The worm component has reportdly detection name Exploit.Win32.MS08-067.g and the kernel component Rootkit.Win32.KernelBot.dg, in turn.
Symantec uses Worm category too and …

[Crossposted to Security, Security Home Users, and Windows Update
newsgroups; Followup To set for Security newsgroup]
Microsoft Security Advisory (958963): Exploit Code Published Affecting the
Server Service
<QP>
Microsoft is aware that detailed exploit code demonstrating code execution
has …

Posted by Juha-Matti Laurio on Oct 27
Several updates to Windows RPC vulnerability (MS08-067) FAQ has been done.
-major updates to Gimmiv.A Trojan section (new malware names, signature information added)
-added Snort and Nessus references
-added credits
-added file …