SkiifGeek's Journal: Here Come The Exploits

As expected, the day after Microsoft released their November round of patches, the exploits started arriving. Although there were known exploits for some of the vulnerabilities prior to the patch release, exploit code has begun circulating for the WinZip vulnerability patched by MS06-067, and exploit code for the Workstation service vulnerability (MS06-070) is also available. Detailed technical descriptions of the attackable vulnerability have been released, and it is only a matter of time until workable exploits surface.

A number of sources have been covering the appearance of what appears to be random files and directories (folders) on computer systems following the application of Microsoft's November security patches. The folders appear to be randomly named strings of hex and appear to contain a log file that relates to the MS XML patch (MS06-071).

While the directories and files do not appear to be harmful in any way, their appearance has come as a bit of a surprise to people who closely manage their systems. Users who do not normally delve into the detailed levels of their hard drive structure will probably not even notice the directory and leftover files at the top level (C:\). A growing consensus is that the installation process was a little messy and failed to completely clean up after it had finished.