Feeds

Plug and Play pandemonium

Worms based on MS vuln attack world+dog

Protecting against web application threats using SSL

Media outlets have been hard hit by computer worms based on a recently discovered Microsoft Plug and Play vulnerability (MS05-039). Computer systems at CNN, ABC, The Financial Times, and the New York Times have all been disrupted. General Electric, United Parcel Service and Caterpillar were also affected by the attack.

Virus writers have created a number of viruses targeting the Plug and Play vulnerability following the disclosure of the security bug by Microsoft last week and the publication of an exploit days later. Unlike the Sasser, Nimda and Blaster outbreaks of previous years it's not immediately clear which of a new batch of worms is causing the most damage. Zotob, the first malware to exploit the vulnerability, has been joined by several others including an IRC bot, a version of the infamous Rbot worm written to take advantage of the Windows security flaw.

Windows 2000 machines left unprotected by a firewall are most at risk from attack. Almost half of corporate desktops run Win2K, according to June estimates from asset management firm AssetMetrix, and when an infected machine gets plugged into these environments all hell can break loose.

"The big organizations that are getting hit right now have most likely introduced the infection to the internal network via infected laptops," said Mikko Hyppönen, director of anti-virus research at Finnish anti-virus firm F-Secure.

Antivirus firm Sophos warns such attacks are not unusual and that organizations unpatched against vulnerabilities can expect to be regular targets for virus writers, hackers and phishers. It also points out that more worms will attempt to exploit this particular vulnerability.

The FT carries a report stating that it was hit possibly by a variant of the ZoBot worm. CNN said its computer systems in New York and Atlanta were hit by an unspecified worm on Tuesday afternoon. ABC carries an AP report of the infection of some of its computer systems. Over at the New York Times an infection hit both newsroom and corporate PCs.

Standard defence precautions against worm attacks apply in defending against malware targeting the Plug and Play vulnerability. Users are urged to patch systems up to date and update anti-virus signature definition files. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.