I just read about this attack. It uses Siemens software to install a root kit. The vulnerability starts with a static password that Siemens inserted. (I once worked in a bank where I am told MSBlaster got in via a Siemens phone engineer using the modem in their systems servers to dial out to the net). The root kit then uses a stolen private certification key to pretend to be a RealTek driver so that it can install on 64-bit OS’s (Vista and later). MS and RealTek have figured out a solution (requires your Windows Updates to be working. Interesting stuff.
Please follow and like us: