The critical WINS vulnerability that Microsoft issued a patch for last week is now being exploited actively in the wild, according to the SANS Institute [sans.org]. The Internet Storm Center (ISC), which is operated by SANS, is receiving preliminary reports that hackers are targeting Microsoft s WINS service on Windows NT, 2000 and 2003 servers. Despite being a mostly run-of-the-mill ransomware strain, Babuk Locker’s encryption mechanisms and abuse of Windows Restart Manager sets it apart.
Source: https://threatpost.com/windows-wins-attacks-wild-081909/72957/