Nov 22, 2009

Worm Alert - W32.zotob.a - new worm to hit Windows PCs


sparx
A new worm has been detected by multiple antivirus and security specialists. It's called ZOTOB and is exploiting security holes that have been earlier highlighted in Microsoft Security Bulletin MS05-039.

The worm affects Win2000 systems and newer. Win 98, ME etc. are not currently thought to be at risk, although one must always keep the holes plugged.

Details regarding what it does exactly and removal instructions can be found at Symantec's site and also at Microsoft's ZOTOB Advisory page.

The hole allowing Zotob to infect and spread can be fixed by installing MS Security Update 899588.

Keep your antivirus up to date as well. Good Luck!


Jeigh
Yea I heard about that, my boss has us reworking login scripts to patch up machines here (I'm working at a tech support place for the summer) but I'm hoping it doesn't get too bad. Big virus/worm outbreaks == annoying *****y people yelling at us all day :(


unimatrix
Days like today I am glad we run Macs.

We had CNN on and they were going on about this for at least an hour. Wolf Blitzer trying to ad lib about technology was actually kind of sad and pathetic. It must have really been a slow news day.


Jeigh
Haha that woulda been good to see lol.

But yea I don't really love macs BUT as far as having lots of comp illiterates using software they barely comprehend is concerned, yes having them running on macs would be preferable... some of the virus laden spyware consumed systems I've seen here make me cry :'( People have too much power on windows machines here... and by too much power I mean "they can go on the internet using IE and break things"


Neverseen
seen and heard about that on TV today, indeed... but they said that this isn't done just to make some pain in the ass, but it's more to make some profit out of it. I don't know how exactly, but I think it's true..


little0run
It's also known as W32/IRCbot.worm!MS05-039, it's a High Risk virus. It uses IRC (Internet Relay Chat) to contact a server and receive instructions, it can be used to randomly shut down Windows, delete files, or install other programs...
This is all the info McAfee has listed on it. http://us.mcafee.com/virusInfo/default.asp...&virus_k=135491


neilski
damn fools should have xp and you won't have such problems


little0run
The problem is in Windows XP, Windows XP has the most problems, if you're going to recommend an OS recommend Linux...


Cassandra
Just some general security notes which could help many people, both of which occurred to me in connection with the recent worm outbreak:

1. One of the best ways to prevent worm infections is to make one's system completely invisible to the outside world, in other words, to stealth it. One of the best places to check to see if your system is invisible is at Gibson Research's Shield's Up. (No, guys, that's not an affiliate link. That's just the way he likes to do his URLs.) As a result of testing there, I realized that even though I have good software firewalls on both my desktop machines, I should also activate the firewall in the router, since otherwise my network is visible to port scans and other probes from the outside world. Check out his other freeware security utilities also.

2. Most people should block all TFTP communication in their firewalls. That protocol may have some legitimate uses, but I've never seen it used for anything but worms, including Zotob.
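
Before adding the TFTP block suggested in the post above, a machine's own firewall log shows whether anything on it has been using TFTP (UDP port 69) and whether those requests were allowed out. This is an added example, not part of the forum thread: it parses a constructed sample in the Windows Firewall log layout, and the function names and sample addresses are assumptions made for the illustration.

```python
import ipaddress
from collections import Counter

TFTP_PORT = "69"  # TFTP's well-known UDP port
# RFC 1918 ranges, used to tell LAN hosts from outside addresses.
LAN = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in the Windows Firewall log (pfirewall.log) layout.
# Columns are read from the "#Fields:" header, so logs without "path" also parse.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2005-08-16 10:01:12 ALLOW UDP 192.168.1.23 203.0.113.50 1045 69 48 - - - - - - - SEND
2005-08-16 10:01:13 ALLOW TCP 192.168.1.23 198.51.100.7 1046 80 0 S 1234 0 65535 - - - SEND
2005-08-16 10:02:40 DROP UDP 203.0.113.77 192.168.1.23 2210 69 50 - - - - - - - RECEIVE
2005-08-16 10:03:05 ALLOW UDP 192.168.1.40 192.168.1.1 1050 53 60 - - - - - - - SEND
2005-08-16 10:04:19 ALLOW UDP 192.168.1.23 203.0.113.50 1047 69 48 - - - - - - - SEND
"""

def is_lan(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in LAN)

def tftp_events(log_text):
    """Return one dict per log entry that is UDP traffic to port 69."""
    fields, events = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split(":", 1)[1].split()
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        entry = dict(zip(fields, line.split()))
        if entry.get("protocol") == "UDP" and entry.get("dst-port") == TFTP_PORT:
            events.append(entry)
    return events

def summarize(events):
    """Count TFTP entries per (src, dst, action) and list LAN hosts whose
    TFTP requests to an outside address were allowed."""
    counts = Counter((e["src-ip"], e["dst-ip"], e["action"]) for e in events)
    allowed_out = sorted({e["src-ip"] for e in events
                          if e["action"] == "ALLOW"
                          and is_lan(e["src-ip"]) and not is_lan(e["dst-ip"])})
    return counts, allowed_out

if __name__ == "__main__":
    counts, allowed_out = summarize(tftp_events(SAMPLE_LOG))
    for key, n in counts.items():
        print(n, *key)
    print("LAN hosts with allowed outbound TFTP:", allowed_out)
```

An empty result over a representative log period means the block rule will not break anything on that machine; any host in the second list is worth a closer look before and after the rule goes in.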

 

 

 

