Plug and Play pandemonium

Worms based on MS vuln attack world+dog

Wed 17 Aug 2005 // 12:19 UTC

Media outlets have been hard hit by computer worms based on a recently discovered Microsoft Plug and Play vulnerability (MS05-039). Computer systems at CNN, ABC, The Financial Times, and the New York Times have all been disrupted. General Electric, United Parcel Service and Caterpillar were also affected by the attack.

Virus writers have created a number of viruses targeting the Plug and Play vulnerability following the disclosure of the security bug by Microsoft last week and the publication of an exploit days later. Unlike the Sasser, Nimda and Blaster outbreaks of previous years it's not immediately clear which of a new batch of worms is causing the most damage. Zotob, the first malware to exploit the vulnerability, has been joined by several others including an IRC bot, a version of the infamous Rbot worm written to take advantage of the Windows security flaw.

Windows 2000 machines left unprotected by a firewall are most at risk from attack. Almost half of corporate desktops run Win2K, according to June estimates from asset management firm AssetMetrix, and when an infected machine gets plugged into these environments all hell can break loose.

"The big organizations that are getting hit right now have most likely introduced the infection to the internal network via infected laptops," said Mikko Hyppönen, director of anti-virus research at Finnish anti-virus firm F-Secure.

Antivirus firm Sophos warns such attacks are not unusual and that organizations unpatched against vulnerabilities can expect to be regular targets for virus writers, hackers and phishers. It also points out that more worms will attempt to exploit this particular vulnerability.

The FT carries a report stating that it was hit possibly by a variant of the ZoBot worm. CNN said its computer systems in New York and Atlanta were hit by an unspecified worm on Tuesday afternoon. ABC carries an AP report of the infection of some of its computer systems. Over at the New York Times an infection hit both newsroom and corporate PCs.

Standard defence precautions against worm attacks apply in defending against malware targeting the Plug and Play vulnerability. Users are urged to patch systems up to date and update anti-virus signature definition files. ®

More about

TIP US OFF

Send us news

Topics

Special Features

Vendor Voice

Resources

Security

Plug and Play pandemonium

Worms based on MS vuln attack world+dog

More about

TIP US OFF

Other stories you might like

NASA solar sail to be Siriusly visible in orbit from Earth

Qt Ubuntu 24.04 betas show that there's room to innovate

AI energy draw from Chicago datacenters to rise ninefold

Protecting distributed branch office environments from ransomware

WhatsApp, Threads, more banished from Apple App Store in China

Unintended acceleration leads to recall of every Cybertruck produced so far

A quarter of 5-7 year olds now use smartphones, says regulator

Cybercriminals threaten to leak all 5 million records from stolen database of high-risk individuals

Germany cuffs alleged Russian spies over plot to bomb industrial and military targets

Wing Commander III changed how the copy hotkey works in Windows 95

Some smart meters won't be smart at all once 2/3G networks mothballed

Your trainee just took down our business and has no idea how or why

About Us

Our Websites

Your Privacy