The Inside Story Behind MS08-067 and the Value of Telemetry

Corrine

Without telemetry and diligent research by Microsoft Security Engineers, Conficker would have had half a billion more targets!

Seven years ago a small set of targeted attacks began. In 2008 an unknown set of attackers had a zero day vulnerability that would soon have worldwide attention. They were patient and used it quietly in several countries in Asia. The vulnerability was not just good--it was the kind of vulnerability that offensive teams and bug hunters dream about. It was, as we say in the business, “wormable”. That word sends chills down any defender’s spine. In short, the attackers had a remote code execution (RCE) vulnerability that affected every version of Windows, gave them full control at SYSTEM level rights, left almost no forensic footprint, and could be used anonymously from anywhere on the Internet. Their exploit was 95% reliable. Almost perfect. Almost.

Details at The Inside Story Behind MS08-067 - Defender Mindset
 
That was a good read. Thanks Corrine. I really wish users would understand Microsoft's commitment to security. But sadly, too many are still living in XP days - times when nobody, including the security experts at the time, anti-Microsoft pundits, or the bad guys, understood how explosive the Internet, and the security woes that came with it, would be.
 
