"F-Secure is reporting a new variant in the Zotob worm currently exploiting the PnP vulnerability addressed in MS05-039. The Zotob.B variant uses the same ports (TCP/445 for scanning, TCP/8888 command shell on exploited systems, TCP/33333 for FTP server) as the previous variant, but uses the executable name 'csm.exe' with the description 'csm Win Updates' in the HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices to load the worm when the system boots. The Zotob.A uses the executable name 'botzor.exe' in the same registry key.
Monday, August 15, 2005
Zotob.B:
Mozilla and hypocrisy
Right, but what about the experiences that Mozilla chooses to default for users like switching to Yahoo and making that the default upon ...
-
via VMware blog
-
AJAX: redesign your PHP applications? - ThinkPHP /dev/blog : "First of all, XMLHttpRequest has a problem: in InternetExplorer, it doesn...