Only two days after Microsoft released the patch, security researchers identified a new worm named Gimmiv, which exploited the vulnerability in the RPC service.
Moreover, on Friday, sample code that hackers could use to further take advantage of the bug was posted on the Internet, on the Milw0rm.com hacker site.
Ben Greenbaum, a senior research manager with Symantec, has revealed that the Gimmiv worm could be used to spread malicious content between systems joined in a local network, since such systems are not generally protected by firewalls. By exploiting Windows’ weakness, Gimmiv could easily go on to infect the computers on a local network one after another.
Afterwards, the worm could load password-stealing software onto the machine, the experts have also warned.
Symantec has revealed that, beginning Thursday evening, the number of scans searching for systems that might be vulnerable to the Gimmiv worm went up by 25 percent, which means that further attacks were expected from hackers who have turned the code posted on the Web into easy-to-use exploit tools.