> What it says is: > > "Possible combined exploits of MS vulnerabilities" > > "It has been a very quiet day, but we are hearing rumors of possible > 'super' exploits that may target several of the vulnerabilities > announced by Microsoft on Tuesday. We've been contacted by an > individual who have have been infected such an exploit, but > investigation of this is still underway." > > > I'm not sure that "possible 'super' exploits" - plural - translates > literally into "super worm" - singular.
'possible super exploits' and 'super worms' are terms that press would love. but staying in reality - even now out there is worms that are capable exploiting several vulnerabilities at the same time: W32.HLLW.Gaobot.AZ The worm uses multiple vulnerabilities to spread, including: The DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135 The RPC locator vulnerability (described in Microsoft Security Bulletin MS03-001) using TCP port 445 The WebDav vulnerability (described in Microsoft Security Bulletin MS03-007) using TCP port 80 http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.gaobot.az.html no doubt, future worms are more and more capable exploiting several vulnerabilities at the same time. Willem -- ___________________________________________________________ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
