Mark Eldridge

Today’s CATFACT is a classic: the full story of how Microsoft discovered and then responded to the SMB vulnerability known as “MS08-067”.

This particular vulnerability is known for being exploited by the Conficker worm, as well as pretty much every pentester who is lucky enough to find Windows XP systems on a client network. Exploits targeting MS08-067 are freely available, reliable, and trivial to use (using this exploit is the “Hello World” of pentester training). Successful exploitation gives you full SYSTEM privileges, which means you can do whatever you like to the exploited system.

MS08-067 is one of the most critical of the critical vulnerabilities, but we still see it in networks almost 10 years after it was fixed by Microsoft.

The Inside Story Behind MS08-067