Network anti-virus and Internet content security major, Trend Micro on Tuesday warned Internet users of a new memory-resident worm that takes advantage of newly announced Microsoft Plug-and-Play security flaw.
What makes the new worm, WORM_ZOTOB, so notable is its exploit of Microsoft security hole and this 'exploitation' is believed to be the fastest in the history of malware creation, a statement said.
The new worm drops a copy of itself into the Windows system folder as Botzor.exe and it modifies system's Host files in the infected users' computer so as to prevent the user from getting online assistance from certain anti-virus Web sites.
The backdoor capabilities of the worm enable it to connect to a specific Internet Relay Chat (IRC) servicer and allow hacker a remote control over affected system, which can be used to infect other machines in the network.
Hundreds of 'infection reports' were sighted in US and Germany. Since most of the users may not be aware of the newly announced security hole so as to install the necessary patch during last weekend, more infections in Asia Pacific and other regions are foreseen, it said.
1 comment:
The ZOTOB virus appeared shortly after the world's largest software maker warned of three newly found "critical" security flaws in its software last week, including one that could allow attackers to take complete control of a computer.
Trend Micro Inc. said that the worm exploits security holes in Microsoft's Windows 95, 98, ME, NE, 2000 and XP platforms and can give computer attackers remote access to affected systems.
"Hundreds of infection reports were sighted in the United States and Germany," Tokyo-based Trend Micro said.
But computer security engineers at Microsoft said that the worm is only targeting Windows 2000 and not the other versions of Windows.
"It only affected Windows 2000," said Stephen Toulouse, a manager at Microsoft's Security Response Center. "So far it has shown a very limited impact -- we're not seeing any widespread impact to the Internet, but we remain vigilant."
The latest virus drops a copy of itself into the Windows system folder as BOTZOR.EXE and modifies the system's host file in the infected user's computer to prevent the user from getting online assistance from anti-virus Web sites, Trend Micro added.
The worm can also connect to a specific Internet relay chat server and give hackers remote control over affected systems, which can be used to infect other unpatched machines in a network and slow down network performance.
"Since most users may not be aware of this newly announced security hole so as to install the necessary patch during last weekend, we can foresee more infections from WORM-ZOTOB," it said.
Last Tuesday, Microsoft issued patches to fix its security flaws as part of its monthly security bulletin. The problems affect the Windows operating system and Microsoft's Internet Explorer Web browser.
Microsoft has warned that an attacker could exploit a vulnerability in its Internet Explorer Web browser, lure users to malicious Web pages and could run a software code on the user's PC giving the attacker control of the affected computer.
Computer users should update their anti-virus pattern files and apply the latest Microsoft patches to protect their computer systems, Trend Micro said.
More than 90 percent of the world's PCs run on the Windows operating system. Microsoft has been working to improve the security and reliability of its software.
Post a Comment