- Related Stories
-
Worm sparks rise in zombie PCs
August 22, 2006 -
Worm duo tries to hijack Windows PCs
August 14, 2006 -
Microsoft on worm watch
August 11, 2006 -
Another hefty patch month for Microsoft
August 8, 2006
The SANS Internet Storm Center, Symantec, McAfee and several other security companies are warning of a new worm that wriggles into Windows PCs by way of a security flaw for which Microsoft issued a patch with security bulletin MS06-040 on Aug. 8.
On Thursday, Symantec raised its ThreatCon to Level 2, which means an outbreak is expected. In an alert to customers, the Cupertino, Calif.-based company said it is seeing "ongoing and frequent attacks" that utilize the MS06-040 flaw. There are now six variants of malicious code that exploit the vulnerability, Symantec said.
"The potential impact of these threats is exaggerated due to reports of successful compromise of Windows NT systems, for which there is no patch available," Symantec said in its alert. Windows 2000 and Windows XP are also at risk, according to Symantec.
Symantec was joined in its alert by the other security watchers. The SANS Internet Storm Center, which monitors network threats, noted on its Web site that several people had reported increased malicious activity. Analysis of the threat, however, found that attacks should be "relatively easy to catch." Most antivirus software detects the bad code.
Microsoft, however, has not seen an increase in malicious activity associated with MS06-040, a security hole in a Windows component related to file and printer sharing.
"Microsoft has been watching diligently since the release of MS06-040 for any increase in malicious activity...At this time we are not seeing an increase over the already existing limited attacks attempting to exploit that vulnerability," a Microsoft representative said in a statement Thursday.
Security tools from Microsoft and third parties offer protection against all current exploits of the flaw, according to Microsoft. Still, those users who have not yet applied the Aug. 8 update are encouraged to do so immediately, Microsoft said.
Malicious code that exploits the Windows hole has already led to significant growth in the number of hijacked PCs, CipherTrust said last week. The messaging-security company has seen a 23 percent growth in the total number of so-called zombie PCs it has detected and attributed that to the spread of Mocbot worm variants that exploit MS06-040.
If a PC is hijacked, SANS Internet Storm Center recommends completely erasing the hard drive and reinstalling the computer's operating system. "That sounds drastic...but it gets rid of the worm, gets rid of the botnet, and plus you have a brand new box," according to the ISC.
See more CNET content tagged:
Symantec Corp., Windows PC, cyberattack, alert, increase
The scandals will completely devastate the release of Vista and most businesses will refuse to deploy Vista when their IT staffs tell them the new OS will only attract even more attacks than patched XP systems. MS will be reduced to issuing press releases about victorious deployments in "a bakery in Ottawa" and "a car wash in Sierra Leone" which the press will reveals were bought by MS a week before the software was installed.
Ballmer, always regarded as completely insane and emotionally unstable, will disappear without a trace. Psychics will lead police to his final resting place, his station wagon, parked behind the IGA supermarket in Spokane where police will determine he had shot himself 6 times in the face, reloaded, and shot himself another six times in the kidneys, a story that will briefly provoke skeptical reactions from the press.
EVERYBODY PANIC!
In all seriousness, I'm wondering what true windows bashers would do if the OS was secure. And I mean, OSX secure. Will that happen? Probably not, some flaws were already 'discovered'. But it would be very interesting to see the reactions of anti-ms zealots.
Sounds far more likely that Vista will slowly drift onto the market as a non event and people will gradually migrate to it as it becomes proven and any initial bugs are fixed.
Vista certainly makes it a LOT tougher to send worm attacks or take ownership of the box via remote buffer overflows, etc. MS have dedicated a lot of effort to improving security from the ground up.
The Blowfish is coming, people. Microsoft will die at the hands of the Blowfish.
hard drive. It was some time in the mid 90s, I believe. Even then,
the hard drive itself was suspected to be the likely culprit and I
replaced it soon after.
The most unbelievable thing about all of this is that there are still
people who refuse to give up on Windows, and not just the IT techs
who make money off of it! There are a lot of masochists out there.
By the way I'm a recovering former Windows IT tech that had my own company for 20yrs. I spent many sleepless night earning the right to say Microsoft is a bad obsolete product.
I went out of the Windows support business by choice because I could no longer justify making money off the OS. I made around $500k off supporting it and the whole time wishing they were on any other OS.
Folks there is life after Microsoft.
But certainly hackers have another juicy victim in Vista and its
most definitely a sitting duck (with a red X painted on its body).
Its already been proven it isn't 100% secure. Granted, its better
than XP as an upgrade, but more secure? More revolutionary??
More worthy of a launch bigger than Windows 95? Hardly.
The only thing going for Vista is that Aero is better than Luna.
Everything else will most likely be made up by the Microsoft
Marketing team. Half truths and lies and a pinch of story telling
of what their planning next for the future. I mean they certainly
have us fooled with Vista, don't they? I'm probably going to buy
it. But you only need to look at Paul Thurott's website on
Windows and see how far its fooled him (its an entire 3 year
analog of Vista's history, from Whistler to Longhorn to Vista).
He's such a dedicated Microsoft fan its scary.
"I mean they certainly have us fooled with Vista, don't they? I'm
probably going to buy it."
Wow. It's not like I modified that quote at all, one sentence
claims people are fools if they belive in Vista and the next
sentence claims he/she will buy it.
I hope you enjoy your life in servitude. I guess some people
think being a slave really isn't that bad. Whatever - I hope you
enjoy being owned.
Only OSX is still, after 5 years, completely secure.
It's a pity that it doesn't even appear on your radar.
Enjoy Windows XP Pro and all the continuing patches, If thats all
you know, thats all you deserve.
When it is released (Whenever that is), everyone is going to need
to upgrade their hardware and then fork over about 200 - 300
bucks for a copy, go through the usual rigmarol of caling up for
validation and all that and then they are finally going to start it
up.
Then they're probably going to be woooed by the flashy
graphics. But I think that a small number will see past the
graphics and ask the question 'Is that it? Is that what Ive waited
six years for and have speent $xxx upgrading/replacing my
system for?'
But they will be left with the consolation that there will be less
viruses for VISTA.... Until they've owned it for a week or so.
And they will be encouraged to buy microsoft's antivirus tools.
In my mind, they should be able to stand behind their product
and state that it is secure - not that it will be secure if you fork
out more cash. After all, thats what they are touting with this
new OS.
Never mind, one day the excuses will dry up and people will see
that they have viable alternatives in BSD, LINUX and MAC OS X.
Then perhaps the legacy of windows will be over!
and
http://www.shelleytherepublican.com/2006/04/20/linux-a-european-threat-to-our-computers-by-tristan.aspx
They are quite funny and seems to be jokes!
Björn Lundahl
Göteborg Sweden
Only if you are a hopeless MS fan.
I rarely see more lies or misinformation all in one place(other then fox news).
Linux is more stable and safe then windows. It is not communist or any other such nonsense.
No wonder your posts are filled with BS and ignorant ramblings if you actually believe this crap.
Björn Lundahl
They have a reputation for claiming one thing when in fact it's just the opposite of what they're claiming.
Notice the following says reported... not as in speculated or proposed or purported or possibility... but "AS IS BEING REPORTED"... but yet still Microsoft attempts to flack it off.
Reports are increasing thus it's not something to flack off. Except that Microsoft flacks it off... except that they shouldn't... but they do... but they shouldn't... but they do... etc. etc. etc. et. al. et. al. et. al. blah... blah... blah...
Bottom line... Microsoft doesn't accept the inevitable!!!
Walt
I regularly have had to re-install ALL microfluff products, from server to desktop since it went commercially viable over the last 15 years - from DOS to XP, from NT to 2000, in order to get things to work properly again. You think there is a fix for the problems?, tell you what, you waste billions in resources finding another way to solve ms o/s product problems.
Vista will not be any different. I have a pronouncement that within this next 12 months ms flaws, bugs, holes, and crap will catch up with them!!!
Oh, I still have all ms o/s's in my primary location but all of them have to be rebuilt again... if its not the sound its the video, if its not the video its the web, if its not the web it the applications, if its not the apps its the games, if its not the games its the h/w & f/w incongruencies....
Bill, this headaches for you!!!
- cyberattacks
- by kFuQ September 7, 2006 7:09 AM PDT
- "Several security experts are warning of increased cyberattacks targeting Windows PCs, but Microsoft says all is calm on the attack front."
- Like this Reply to this comment
-
(37 Comments)********
is that why there has been over 3500 attacks in the last couple of days?
http://www.zone-h.org/component/option,com_attacks/Itemid,44/
all hell is starting to break loose........
and 4 more days till 9/11