Recent
Articles |
Get
Control of Endpoint Security
While you're on a business trip, you use the hotel or conference room wireless
network to check news and request an upgrade. A hacker exploits a new and un-patched
operating system vulnerability to install a rootkit (a virtually undetectable
infection).
Trojans
and Backdoors
The Trojan Horse got its name from the old mythical story about how the Greeks
gave their enemy a huge wooden horse as a gift during the war. The enemy accepted
this gift and they brought it into their kingdom, and during the night...
NewsGator Secures RSS
RSS platform company, NewsGator Technologies announced that it will launch NewsGator
Enterprise Server (NGES) in the third quarter. The company describes the NGES
as a revolutionary new product for aggregating and reading RSS content within
the enterprise...
|
|
|
08.15.05
Zotob
Zeroes In On Plug And Play Flaw
 By
David Utter
Criminal hackers have begun trying to do to a Microsoft plug and play vulnerability
what Sasser did to systems worldwide.
This one doesn't spread through email; instead the Zotob worms target a vulnerability
in the Windows operating system and can spread from machine to machine across
a LAN or the Internet.
According to security firm Sophos, two versions of the Zotob worms began circulating
over the weekend. Microsoft had released a patch for the flaw on August 9th as
part of its monthly security bulletins, known among administrators as "Patch Tuesday."
There won't be any lobbying for Patch Tuesday to be a holiday any time soon. The
Zotob worms pose a threat similar to the Sasser worm, which circulated globally
last year, affected thousands of systems and millions of users, and only garnered
a slap on the wrist for its creator.
After infecting a machine that has not patched the plug and play hole, the worm
opens a backdoor in the system, which would permit unauthorized remote access.
Zotob then tries to spread itself to other machines.
Users of Windows versions 2000, XP, and 2003 should visit Microsoft's web site
and obtain a patch if they have not done so already. According to a Sophos statement,
similar worms may soon be created: "We wouldn't be surprised if more worms were
released which exploited this security hole in Microsoft's software," said Graham
Cluley, senior technology consultant for Sophos.
About the Author:
David Utter is a staff writer for WebProNews covering technology and business. |
