Hi, this is Bill Sisk

A while back we discussed the fact that we’re likely to see new pieces of malware over the coming weeks that exploit the vulnerability resolved in MS08-067.


Recently we’ve received a string of reports from customers that have yet to apply the update and are infected by malware. These most recent reports have a common malware family, and the folks in the Microsoft Malware Protection Center (MMPC) have provided detailed information regarding this latest threat. The detailed write-ups regarding this threat can be found here and here. It’s important to note that customers who have installed MS08-067 are not affected.


Signatures have also been included to protect against it in the Windows Live Safety scanner – customers that think they might be infected can run that for free by visiting http://safety.live.com.


We continue to urge customers to deploy the update and make sure their security software is updated with the latest signatures.





*This posting is provided "AS IS" with no warranties, and confers no rights.*