A newly-discovered variant of the Breplibot Trojan takes advantage of this to drop the file "$sys$drv.exe" in the Windows system directory... The malware arrives attached in an email, which pretends to come from a reputable business magazine, asking the businessman to verify his/her "picture" to be used for the December issue. If the malicious payload contained in this email is executed then the Trojan installs an IRC backdoor on affected Windows systems.
This may be a proof of concept one though. I found something on About.com that says the trojan is inept.
The first Trojan to exploit this flaw, Stinx.E, doesn't properly decrypt the registry keys needed to allow the Trojan to load when Windows is restarted. The Stinx.E Trojan also fails to load if the Sony DRM cloaking technology is active, despite its deliberate attempts to exploit it. Additionally, the IP addresses used to connect to the IRC server are invalid. In effect, the Sony Stinx Trojan is impotent.
More thoughts by me plus my prediction that there will be a new one that targets the gamers who won't uninstall the Sony rootkit because they are using it to hide their cheat programs.