Storm is b-a-a-a-a-ack
As you've probably noticed, Storm is back for Christmas. There are only two noteworthy points about it.
The first is that they've added another fairly new exploit to it, and that is for something called GomPlayer, or the Gretech Online Movie Player, which is apparently very popular in South Korea.
The exploit is from October 2007, and is explained here, http://www.milw0rm.com/exploits/4579, but the key point is that if you're using GomPlayer, you're potentially vulnerable.
The second point is that 3rd party dlls continue to provide the attack points for new exploits. This is kind of interesting, and either means that Microsoft is patching faster than the exploits are coming out, or 3rd parties are not patching fast enough, or perhaps both.
Of course, this also highlights that the Bad Guys don't want or need a massive number of infections... they couldn't handle that... all they want is enough to make a profit. Folks, they're farming the Internet.
Labels: storm gom