Hi, this is Bill Sisk
A while back we discussed the fact that we’re likely to see new pieces of malware over the coming weeks that exploit the vulnerability resolved in MS08-067.
Recently we’ve received a string of reports from customers that have yet to apply the update and are infected by malware. These most recent reports have a common malware family, and the folks in the Microsoft Malware Protection Center (MMPC) have provided detailed information regarding this latest threat. The detailed write-ups regarding this threat can be found here and here. It’s important to note that customers who have installed MS08-067 are not affected.
Signatures have also been included to protect against it in the Windows Live Safety scanner – customers that think they might be infected can run that for free by visiting http://safety.live.com.
We continue to urge customers to deploy the update and make sure their security software is updated with the latest signatures**.**
Thanks,
Bill
*This posting is provided “AS IS” with no warranties, and confers no rights.*