Feeds

Plug and Play pandemonium

Worms based on MS vuln attack world+dog

5 things you didn’t know about cloud backup

Media outlets have been hard hit by computer worms based on a recently discovered Microsoft Plug and Play vulnerability (MS05-039). Computer systems at CNN, ABC, The Financial Times, and the New York Times have all been disrupted. General Electric, United Parcel Service and Caterpillar were also affected by the attack.

Virus writers have created a number of viruses targeting the Plug and Play vulnerability following the disclosure of the security bug by Microsoft last week and the publication of an exploit days later. Unlike the Sasser, Nimda and Blaster outbreaks of previous years it's not immediately clear which of a new batch of worms is causing the most damage. Zotob, the first malware to exploit the vulnerability, has been joined by several others including an IRC bot, a version of the infamous Rbot worm written to take advantage of the Windows security flaw.

Windows 2000 machines left unprotected by a firewall are most at risk from attack. Almost half of corporate desktops run Win2K, according to June estimates from asset management firm AssetMetrix, and when an infected machine gets plugged into these environments all hell can break loose.

"The big organizations that are getting hit right now have most likely introduced the infection to the internal network via infected laptops," said Mikko Hyppönen, director of anti-virus research at Finnish anti-virus firm F-Secure.

Antivirus firm Sophos warns such attacks are not unusual and that organizations unpatched against vulnerabilities can expect to be regular targets for virus writers, hackers and phishers. It also points out that more worms will attempt to exploit this particular vulnerability.

The FT carries a report stating that it was hit possibly by a variant of the ZoBot worm. CNN said its computer systems in New York and Atlanta were hit by an unspecified worm on Tuesday afternoon. ABC carries an AP report of the infection of some of its computer systems. Over at the New York Times an infection hit both newsroom and corporate PCs.

Standard defence precautions against worm attacks apply in defending against malware targeting the Plug and Play vulnerability. Users are urged to patch systems up to date and update anti-virus signature definition files. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
One HUNDRED FAMOUS LADIES exposed NUDE online
Celebrity women victimised as Apple iCloud accounts reportedly popped
Rubbish WPS config sees WiFi router keys popped in seconds
Another day, another way in to your home router
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.