Trojan exploiting MS05-053 - TROJ_EMFSPLOIT.A (updated 2005-11-15)

Published: 2005-11-15
Last Updated: 2005-11-15 20:09:55 UTC
by Joshua Wright (Version: 3)
0 comment(s)
UPDATE: In a story reported yesterday (here), TrendMicro apparently now admits their analysts mis-anlyzed this trojan and that it does not actually exploit MS05-053.

Trend Micro is reporting a trojan in the wild (TROJ_EMFSPLOIT.A) that is exploiting the recent MS05-053 vulnerability announced on Tuesday.  The trojan causes EXPLORER.EXE to crash, which isn't so much fun for Windows users.

The Trend Micro notice is available at their site.  Fellow handler Pat Nolan did an excellent write-up of MS05-053 issues and recommendations at

Thanks to the dutiful Juha-Matti for bringing this to our attention.

0 comment(s)


Diary Archives