Friday, October 24, 2008

Malware scanning for different gateways

Recently eSoft's Threatlabs found an increase in malware using uPnP - SSDP protocols to find new gateways out of a network. It appears that the effectiveness and increased use of IPS have impacted bot maintainers. Their answer - find another gateway. They are now sending uPnP packets to discover different gateways on their local network. If you are an IT manager, be sure to know where all the exits on your network live.

Microsoft out-of-band release

It's been a long time since our last post, but this weeks activity warrants a post. Yesterday, Microsoft announced a critical update (MS08-067), which occurred out of their normal "Patch Tuesday" cycle. Well it turns out that it was a good idea. The patch closes a security hole in how Windows systems communicate with each other. This vulnerability has the potential to be exploited through worm and spread wildly. It is advised that all users update with Windows systems as soon as possible.