Windows RPC worm (MS08-067) in the wild

The worm-type exploitation has started. More information at http://www.f-secure.com/weblog/archives/1526.html The worm component has reportdly detection name Exploit.Win32.MS08-067.g and the kernel component Rootkit.Win32.KernelBot.dg, in turn. Symantec uses Worm category too and the name

Re: [Full-disclosure] Windows RPC worm (MS08-067) in the wild

Kaspersky detect the new wave as Exploit.Win32.MS08-067.g and Microsoft as Exploit:Win32/MS08067.gen!A Sophos uses name Mal/Generic-A. One of the reported file size is 16,384 bytes: http://www.threatexpert.com/report.aspx?uid=919a973d-9fe1-4196-b202-731ebaaffa5d Windows RPC vulnerability