Back to news

Worms released against recent MS Windows Plug and Play vulnerability

It took just 5 days from the announcement of the Microsoft Windows 2000/XP/2003 Plug and Play (MS05-039) vulnerability for a serious worm threat to appear. The worm, called Zotob works in a similar way to the Sasser worm from last summer, targeting a vulnerability which does not rely on a computer user to spread. “For the moment most of the AV companies have not issued warnings about this new threat.” Fisher notes, although most have updated their solutions to detect and prevent the current worms from spreading. “The problem is that the risk from these threats is real, and the AV industry only issues alerts when their customers report infections, which means companies will get infected from this threat and future worms exploiting the same vulnerability.”

You can read about the Microsoft MS05-039 announcement here :
http://www.securitymob.com/my_smob/alert_info.asp?alert=23364

You can read about the Zotob worm threat (and later versions) here :
(Zotob.A) http://www.securitymob.com/my_smob/alert_info.asp?alert=23631
(Zotob.B) http://www.securitymob.com/my_smob/alert_info.asp?alert=23729
(Zotob.C) http://www.securitymob.com/my_smob/alert_info.asp?alert=23674
(Worm_Rbot.CBQ) http://www.securitymob.com/my_smob/alert_info.asp?alert=23789
(Zotob.D) http://www.securitymob.com/my_smob/alert_info.asp?alert=23813