New Internet worm targeting Windows

Posted by: EndGame

New Internet worm targeting Windows - 08/16/05 08:43 AM

A new Internet virus targeting recently uncovered flaws in Microsoft Corp.'s Windows operating system is circulating on the Internet, an anti-virus computer software maker said on Monday.

The ZOTOB virus appeared shortly after the world's largest software maker warned of three newly found "critical" security flaws in its software last week, including one that could allow attackers to take complete control of a computer.

Trend Micro Inc. said that the worm exploits security holes in Microsoft's Windows 95, 98, ME, NE, 2000 and XP platforms and can give computer attackers remote access to affected systems.

"Hundreds of infection reports were sighted in the United States and Germany," Tokyo-based Trend Micro said.

But computer security engineers at Microsoft said that the worm is only targeting Windows 2000 and not the other versions of Windows.

"It only affected Windows 2000," said Stephen Toulouse, a manager at Microsoft's Security Response Center. "So far its has shown a very limited impact -- we're not seeing any widespread impact to the Internet, but we remain vigilant."

The latest virus drops a copy of itself into the Windows system folder as BOTZOR.EXE and modifies the system's host file in the infected user's computer to prevent the user from getting online assistance from anti-virus Web sites, Trend Micro added.

The worm can also connect to a specific Internet relay chat server and give hackers remote control over affected systems, which can be used to infect other unpatched machines in a network and slow down network performance.

"Since most users may not be aware of this newly announced security hole so as to install the necessary patch during last weekend, we can foresee more infections from WORM_ZOTOB," it said.

Last Tuesday, Microsoft issued patches to fix its security flaws as part of its monthly security bulletin. The problems affect the Windows operating system and Microsoft's Internet Explorer Web browser.

Microsoft has warned that an attacker could exploit a vulnerability in its Internet Explorer Web browser, lure users to malicious Web pages and could run a software code on the user's PC giving the attacker control of the affected computer.

Computer users should update their anti-virus pattern files and apply the latest Microsoft patches to protect their computer systems, Trend Micro said.

More than 90 percent of the world's PCs run on the Windows operating system and Microsoft has been working to improve the security and reliability of its software.

Source