Dangerous worm on its way

[Barbara Schatz]

http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html


*** Erfolge muss man langsam loeffeln,
sonst verschluckt man sich an ihnen. ***
-Erika Pluhar-

 

[Charles D. Bohne]

http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html

Danke für die Warnung...
C.

 

[-Art- (not Art)]

Guess I had the good foresite (luck) to remove win2k and change back to
win98se last month....

CNN has reported that this is effecting millions of computers & servers
thoughout the world. Business & Goverments. Any luck it might effect
the I.R.S. computers?

HeckuvaGuy

 

[Vrodok the Troll]

Guess I had the good foresite (luck) to remove win2k and change back to
win98se last month....

CNN has reported that this is effecting millions of computers & servers
thoughout the world. Business & Goverments. Any luck it might effect
the I.R.S. computers?

 

[Hans S]

Guess I had the good foresite (luck) to remove win2k and change back
to win98se last month....

CNN has reported that this is effecting millions of computers &
servers thoughout the world. Business & Goverments. Any luck it might
effect the I.R.S. computers?

With your luck it will probably double all taxes!

BTW I hope it's a freeware worm or else the warning was posted in the
wrong group

 

[Mel]

http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html

Zotob is a worm that targets Windows 2000–based computers and takes
advantage of a security issue that was addressed by Microsoft Security
Bulletin MS05-039. This worm and its variants install malicious
software, and then search for other computers to infect.

Published: August 14, 2005 | Updated: August 16, 2005

If you have installed the update released with Security Bulletin
MS05-039, you are already protected from Zotob and its variants. If you
are using any supported version of Windows other than Windows 2000, you
are not at risk from Zotob and its variants.

http://www.microsoft.com/security/incident/zotob.mspx

 

[Mel]

http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html

Zotob is a worm that targets Windows 2000–based computers and takes
advantage of a security issue that was addressed by Microsoft Security
Bulletin MS05-039. This worm and its variants install malicious
software, and then search for other computers to infect.

Published: August 14, 2005 | Updated: August 16, 2005

If you have installed the update released with Security Bulletin
MS05-039, you are already protected from Zotob and its variants. If you
are using any supported version of Windows other than Windows 2000, you
are not at risk from Zotob and its variants.

http://www.microsoft.com/security/incident/zotob.mspx

W32.Zotob.E can run on, but not infect, computers running Windows
95/98/Me/NT4/XP. Although computers running these operating systems
cannot be infected, they can still be used to infect vulnerable
computers that they can connect to.

http://securityresponse.symantec.com/avcenter/venc/data/w32.zotob.e.html

 

[Bill Turner]

Zotob is a worm that targets Windows 2000–based computers and takes
advantage of a security issue that was addressed by Microsoft Security
Bulletin MS05-039. This worm and its variants install malicious
software, and then search for other computers to infect.

_________________________________________________

The library where I work got hit by this worm. It is particularly
difficult to fix because it prevents the infected computer from
accessing the internet to get a patch.

I'd love to spend some time with the author of this little nasty out
behind the woodshed.
There would be no need for any formal judicial action.

Bill T.

 

[Chrissy Cruiser]

If you
are using any supported version of Windows other than Windows 2000, you
are not at risk from Zotob and its variants.

CNN claims it affects XP

 

[Mel]

CNN claims it affects XP

CNN can claim what they want, but the facts are:

W32.Zotob.E can run on, but not infect, computers running Windows
95/98/Me/NT4/XP. Although computers running these operating systems
cannot be infected, they can still be used to infect vulnerable
computers that they can connect to.

 

[Gabriele Neukam]

On that special day, Mel, ([email protected]) said...

Zotob is a worm that targets Windows 2000?based computers and takes
advantage of a security issue that was addressed by Microsoft Security
Bulletin MS05-039.

Meanwhile, some 2003 servers also have proven vulnerable to this worm.
(this is what I read in the heise newsticker). It depends on the way
they are configured. If they allow for anonymous access - bang.

Set
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\restrictanonymoussam and
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\restrictanonymous
to "1", in order to prevent anonymous access.


Visit
http://www.microsoft.com/technet/security/bulletin/ms05-039.mspx for
the respective patch (which had been published only a week ago)


Gabriele Neukam

(e-mail address removed)

 

[elaich]

Zotob is a worm that targets Windows 2000–based computers and takes
advantage of a security issue that was addressed by Microsoft Security
Bulletin MS05-039. This worm and its variants install malicious
software, and then search for other computers to infect.

From the page where you download the patch for the Plug 'N' Play
vulnerability:


Affected Software:

Microsoft Windows 2000 Service Pack 4

Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service
Pack 2

Microsoft Windows XP Professional x64 Edition

Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service
Pack 1

Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft
Windows Server 2003 with SP1 for Itanium-based Systems

Microsoft Windows Server 2003 x64 Edition

Non-Affected Software:

Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (ME)


So, maybe Zotob currently does not affect anything but 2000, but
according to this, the vulnerability exists to affect any modern NT
based OS. The worm may have already been altered, either by it's author,
or by other individuals.

 

[harsha godavari]

Guess I had the good foresite (luck) to remove win2k and change back to
win98se last month....

CNN has reported that this is effecting millions of computers & servers
thoughout the world. Business & Goverments. Any luck it might effect
the I.R.S. computers?

HeckuvaGuy

Hellafadream