Dasher.b: Exploit for old Windows OS flaw in circulation

If you are not up-to-date with your computer’s Windows Operating System installation, its time to get the latest round of patches. Reason being hackers are not waiting for newer flaws to be discovered in the OS and are making worms targeting the older flaws. Interestingly, Microsoft has already issued updates for these flaws.

Security firms, F-Secure and the SANS Institute’s Internet Storm Center (ISC) have announced that they have spotted the Dasher.b worm in wild, which targets the flaws fixed in the October release of patches by Microsoft. They have said that a German based group Honeypot Project uses these flaws to target unpatched PCs.

Dasher.b exploits the MSDTC vulnerability in the Windows OS. Microsoft had earlier issued a statement claiming that the code for exploiting this flaw was circulating on the web but was not developed enough to execute remotely. However, this latest worm makes use of the same proof of exploit code and downloads a keylogger from a remote server.

Worse, this keylogger is said to be hidden using a rootkit and has the potential to hit Windows 2000 and XP PCs. The companies have advised the users to update their machines using the Windows internal update mechanism or manually from the company’s website.