myITforum.com
Welcome to myITforum.com Sign in | Join | Help
in Search
Site Home Home Bloggers List Blogs Photos Downloads

Harry Waldron - My IT Forums Blog

Sharing Security Developments, and Best Practices for corporate and home users

MS05-016:VBS_RUNEXPLT.C (arrives as Word Document)

  This new threat arrives as a Word document and manipuates unpatched Windows PCs, manipulating the recent MS05-016 patch which was part of the April 2005 updates provided by Microsoft.

VBS_RUNEXPLT.C Information

This malicious VBScript file takes advantage of the Windows Shell vulnerability, which could allow a remote malicious user to execute arbitrary code on the affected system. For more information about this vulnerability, please refer to the following Microsoft page: Microsoft Security Bulletin MS05-016

It usually arrives on a system as a Microsoft Word document. When executed on a vulnerable machine, it attempts to download and execute a file, which may also be malicious in nature, from the following location:  Nnpyf.c{BLOCKED}nn.com.  This malicious VBScript file runs on Windows 98, ME, 2000, and XP.

Published May 28 2005, 04:15 PM by hwaldron

Comments

No Comments

This Blog

Syndication
Copyright - www.myITforum.com, Inc. - 2007 All Rights reserved.
Powered by Community Server (Commercial Edition), by Telligent Systems