Last Updated: 2007-01-19 12:19:04 UTC
by Mark Hofman (Version: 1)
Sun has released an alert notification regarding a vulnerability with the JRE (CVE-2007-0243 )
The alert states that an overflow vulnerability may allow the escalation of privileges.
The recommendation from Sun is to upgrade your JRE.
UPDATE - European Storm Video E-Mail
A new variant of this virus has surfaced over the last 3-4 hours. This variant is slightly smaller than the original.
MD5 checksums for the files are:
cf6c72dfa5a05beb46f21a21cb6d3487 for the original version
b9a0d6c8493ad79c2c09137871b95672 for the new variant (some of you will get the hash 01a1115bcb0d5e32a98c76a50ac8868d on the same file).
(If you have a file that does not match the above two signatures feel free to submit it)
AV products are picking up the original, only some are picking up the variant (that should change over the next few hours).
The subject and file names are changing as well in line with the news headlines of the day. In addition to the subjects mentioned in Part 1 we have seen:
Chinese missile shot down USA aircraft
Chinese missile shot down USA satellite
Chinese missile shot down Russian satellite
Russian missile shot down USA aircraft
Russia missile shot down USA satellite
Russian missile shot down Chinese aircraft
Radical Muslim drinking enemies' blood
Sadam Hussein alive!
Sadam Hussein safe and sound!
Read more: http://isc.sans.org/