Windows worms knocking out computers

(continued from previous page)

recent editions of Windows are available, but Windows 2000 remains popular. The operating system ran on 48 percent of business PCs during the first quarter of 2005, according to a recent study by AssetMetrix.

The onslaught of worms based on the plug-and-play flaw appeared less than a week after Microsoft's patch release, leaving users very little time to protect their systems.

Many Windows 2000 users likely will not have patched yet since they need time to test the fixes before installing them, Ullrich said.

Although there are several worms that exploit the Windows plug-and-play flaw, the spread remains limited, Cole said. "We are not seeing any one of these really soaring or escalating to something like a Blaster or Slammer," he said. Symantec has elevated its ThreatCon rating from one to two, with five being the highest.

Trend Micro has rated the worm attack "yellow," which is in the middle of its alert range. The security company has seen thousands of infections from Zotob alone, Hartmann said.

Infected machines can be cleaned up using tools available from antivirus software makers, including Symantec. Windows 2000 users who have not patched, should do so, Microsoft urges.

CNET News.com's Michael Kanellos contributed to this report.

[technewsjunkie]

Full LIVE coverage on CNN!

The funny thing is, they had just switched out thier Apple Displays
and computers to Dells within the last couple of days! What timing.

CNN only complaining

CNN was the only ones complaining for like 4 hours. All other networks, incruding Reuters hav been silent. Strange isn't it?

[tbeckner]

But the new Dell machines are not infected

But the new Dell machines are not infected. This worm attack is only against older Windows 2000 boxes, which no longer have support from Microsoft, but had a patch released that somebody forgot to install.

[tbeckner]

CNN should be Embarrassed

I just watched a delayed broadcast that my TiVo recorded of the Live CNN report about the WORLDWIDE WORM INFECTION. CNN should be Embarrassed. Their IT people could have patched them last week. The funny thing and maybe not so funny is that they reported it as something big and the infection will only infect unpatched/unprotected Windows 2000 machines.

Again, CNN should be Embarrassed!

[cjohn17]

O' Glorious Day! The Revolution is Televised!

Oh how I luv it! Now MS virus attacks are now front and center,
not some nebulous debate in a nerdy forum.

If only FOX News had broadcast the issue live. With their larger
and much smarter audience (I mean that seriously, CNN is a
joke) Microsoft would never sell another copy of their crummy,
broken down OS.

O' Glorious Day!

[SteveBarry687]

Fox News

Larger okay (haven't looked at audience numbers lately), but smarter. Ha hah ah aha hahaha ahha aha hah aha ha ahha ah.

I guess you would see them as smarter if your a right winger. CNN is right wing too.

[d2r4]

Congrats. to the moronic masses!

I'd like to take this time to laugh at all those infected by the "W32.Zotob.D" virus... thats what you get for being morons, maybe you should update your software once in awhile.

Stop drooling and scratching your head, open up your eyes and learn about that which controls much of your life. Hopefully your raining ignorance does not destroy anything important in the mean time.

[cjohn17]

Hey Tron, Lighten Up

I luv these "PC experts" who rain down dripping sarcasim on the
"ignorant masses" because the lowly cattle are not smart to
manage their computer systems.

You know, many of these poor folks that you have such distain
for have jobs, families, you know, real lives. They don't have the
time to invest in PCs like lonely geeks do. Balding saps sitting
under a dim 40 watt bulb in your tattered underwear, playing
Doom all day long, and going through bags of Cheetos.

Did it ever occur to you that perhaps we should be feeling sorry
for you? Investing all your time and energy in a failed operating
system? Think different, Tron. Go outside and play. You're
looking awfully pale and the human race needs you.

[cjohn17]

Get a Life, Tron

That goes double for IT support too.

[libertyaikido]

Nice.

Apparently you have no idea what it takes to roll out updates to a corporate network when there are legal and technological considerations that must be addressed.

Only an idiot would activate Automatic Updates, on a Windows machine, on a corporate network (unless the updates are being pulled from a company controlled, local Windows Update server [after an intense, possibly long, period of testing]).

Thanks for playing. Try again.

[educateme]

Even with a warning Sign on it, some would still buy Windows

This is another one of the weekly, monthly, yearly, daily, hourly,
by the minute, reports about Windows with its high-tech
(insecure) bundling of Internet Explorer into the OS, and how it
has made eveyone pay for Microsofts greed. If they cant beat a
company like Netscape with good technology methods, then lets
screw our customers, since they dont know better anyway, and
mash the browser into the OS and let 'em fight for themselves. If
you keep buying into the next marketing ploy, or promise, of a
secure Microsoft system, you will keep fixing your PC jalopy,
while Bill Gates laughs all the way to the bank.

What can you do, you might ask? Perhaps buy a Mac, or build a
Linux PC, after all what is your time worth in life, if you can
avoid these constant (never ending) hassles with a troubled
Microsoft design that will keep milking you for life. With no end
in sight, get used to it, or get out of Windows. Now you know.

[tbeckner]

Funny thing, if everyone ran UNIX/Linux

Funny thing, if everyone ran UNIX/Linux, then the vitus writers would be attacking those machines. And if you don't think that UNIX/Linux has no security problems, then I guess your UNIX/Linux machine isn't patched. Even the noble MAC has security problems. It's just that it is too small of a market for the virus writers to attack.

[cjohn17]

There's an Idea!

I like the idea of a warning sign on the packaging! "May cause total
loss of data."

you need to read the article again

How is the security hole related to "mashing in IE with the OS"???

All of the worms exploit a security hole in the plug-and-play feature in the Windows 2000 operating system.

[wazzledoozle]

Just update morons

Of course they are going to be serious viru's when you have over %90 of the desktop market, everyone is targeting you with everything they have.

Microsoft needs to release a patch that turns on automatic updates permanently if it sees the computer hasnt been updated in over a month.

Microsoft needs to release a patch

This is exactly what MS needs to do for network enabled machines. If a machines patch level falls too far behind, disable it's ability to communicate on a network until the user commits too do the updates and then only allow a connection to Microsofts update service until it has been fully patched.

[cjohn17]

Better Idea

How about this... I think this would work even better. STOP
WRITING CRUMMY, SLOPPY, CODE.

That would solve everything.

[Andrew J Glina]

Ahghghghghghghghgh

I can feel it entering my computer, one transistor at a time.... With my last strength, I enter in A-P-P-L-E into the IE address bar and hit CTRL-ENTER. Must-Buy-Mac-Before-Too-Late......

Ooops. Just remembered. I have a firewall. Back to work.

[tbeckner]

CNN should be Embarrassed!

I just watched a delayed broadcast that my TiVo recorded of the Live CNN report about the WORLDWIDE WORM INFECTION. CNN should be Embarrassed. Their IT people could have patched them last week. The funny thing and maybe not so funny is that they reported it as something big and the infection will only infect unpatched/unprotected Windows 2000 machines.

Again, CNN should be Embarrassed!

[technewsjunkie]

Nice Try. A significant # of Businesses still using W2K

You are in Windows denial. Simply read the article again.
" ...but Windows 2000 remains popular. The operating system
ran on ***48 percent*** of business PCs during the first quarter
of 2005, according to a recent study by AssetMetrix."

Also it was CNN, New York Times, and ABC network that are
mentioned in the articel alone. How many more do you think
there are? Hint: There are still millions of W2k machines out
there, and these are typically not upated vigorously.

CNN was reporting LIVE giving quotes from Microsoft
representatives who claimed it was "low level". Do you think
these companies and others think it was "low level"?? MS means
its "low market share" so they can tell them to screw. Air time
costs hundreds of thousands, if not millions per minute of
broadcast time.

[cjohn17]

I Feel Bad for the Children and Eldery

Just re-read the article again. How Gates and Balmer get any sleep
every night is beyond me. These "critical" situations are affecting
people's lives in dramatic ways... oh, wait...

Fortuantely, it mostly IT wonks and MS apologists that are staying
up late securing these OS dinosaurs. Serves 'em right.

[catchall]

Totally incorrect

I run a Window's network, I patched last week. I am now sitting comfortably at home, glass of wine in hand, wondering why others did not.

[ledzep75]

I feel bad for C.J....

because Carl from GTA SA runs on Windows and he doesn't even know it!

[202578300049013666264380294439]

Yet another reason to Use Linux.

Thanks Microsoft, You just showed the entire World, Yet another reason to Use Linux.

[Bob Brinkman]

Maybe things have changed

It always amazes me that people that bash Microsoft and praise Linux have the time to read through Hardware compatibility lists to make sure they are going to be able to use their hardware, but turning on automatic updates or using a virus scanner is a hardship beyond bear.

Is there better hardware support then there was in these OS?s then there used to be yet? Then they might be worth considering, but probably not since I still couldn?t get half the apps I use to run on them.

[oo7curtis]

Golly I love my Macs

It's time like these that, well, no it's all the time. Yukkk on that
nasty windoze thang.

[Earl Benser]

Maybe....

.... this is an MS idea to get people to upgrade to XP or ellse??????

Who knows????? ;-)

[Christopher Hall]

Bingo

That's exactly what I was thinking when the story came out. Somehow, I doubt Microsoft would be above it. They do have some very talented programmers up their sleeves, after all.

Have you ever read the book "Jennifer Government" by Max Berry? The book (it's fiction) touches on the extent of corporate espionage and it's quite cleverly written. Although, in the book, Nike kills a few people to increase the value of some shoes. While not DIRECTLY correlated (yet!), it has a similar feel to it.

Snicker, Giggle

It amuses me that big media, the liberal bastions of "we're smarter
than you are", are being hit by this worm hard.

I guess I should serve them some humble pie. Perhaps their IT
groups could bring cutlery and juice.

MicroLinux

If only Microsoft would but a 1/10th of the money and energy they put toward Windows toward improving the user interface for Linux, their problems would be solved. A commercial version of Linux can work, and there will always be the free versions for us geeks.

As to the myth that the virus and worm writers target Windows because everyone uses it....thats BS! Viruses and worms are all about reputation in that world...no one gets paid to write a worm. The first person to write a sucessful Linux, Unix, or Mac virus would be famous. It has nothing to do with market share. If there was only one Ferrari in NYC, do you think it wouldn't get stolen because of market share? Viruses and worms don't exist for Linux, Unix, and Macs because they are all based on operating systems that were designed from the beginning not to allow them.

[Dandy55]

Virus-free OS? How naive...

Peter wrote:

"As to the myth that the virus and worm writers target Windows because everyone uses it....thats BS!"
"The first person to write a sucessful Linux, Unix, or Mac virus would be famous"...
"Viruses and worms don't exist for Linux, Unix, and Macs because they are all based on operating systems that were designed from the beginning not to allow them"...

Pardon me, but, using Peter's words, "thats BS!" - I mean, the myth that Linux, Unix, or Mac are inherently virus-free, and Windows is the sole vulnerable OS.

Here is just a couple of links for you - go and get some protection:

Virus protection for MAC OS:
http://www.symantec.com/nav/nav_mac/

... and for Linux:
http://www.centralcommand.com/linux_server.html

[202578300049013666264380294439]

Ignorance is not bliss

The very first internet worm *ever* was written for Unix. Evidently Richard Morris isn't as famous as you think either since you evidently don't know about his worm and thus him.

[M C]

CNet a day late...maybe THEIR computers were infected?

Just wondering...

[ajbright]

BS

All this worm does is set up Win2K machines as spam bots, it doesn't shut down computers, it doesn't do anything except flood your net connection with outgoing spam.

Deleting one file in safe mode fixes the problem.

The so-called patch does nothing to stop this worm, the only protection is to
1/turn off port 445 to stop it spreading to other computers,
2/delete the mousemb.exe file from system32
3/remove the two reg edits it makes (although these appear to be harmless, in fact they might even make your computer more secure)
4/Anti-virus software - it's the only thing that can prevent re-infection, as I said, the M$ patch does nothing. Patched machines are just as likely to be infected as those not patched.

What happened here is that some "expert" advised a CNN "reporter" to watch for suspicious activity, such as your PC rebooting - probably because this "expert" remembers a worm from about two years ago that did this.

This turned into the "worm reboots computers" - which spread like wildfire across cable news channels (pretty much the same thing as your average tabloid paper, but on TV - think Fox News, MSNBC, CNN - all do nothing except commentate on life, making up hysterical BS to make it appear more interesting).

[Bob Brinkman]

how are you so sure on the symptoms?

I just ask because my girlfriend shot me a page yesterday when this crap started saying everyone's work computer started rebooting randomly including hers, shortly after it was announced to the employees as being virus related. I'm in an XP enviroment so I haven't haven't seen any of the havock first hand. I just rely on what I read. If it matters she works for a large Gas utility company who's name I won't mention.

[Bill Dautrive]

Name one..

virus for and any *nix variant that has caused problems and spread itself.

just one, should be easy right?

otherwise don't spread your ignorance

[Andrew J Glina]

Like there is a point

I played your game last time when you wanted the panel to...

"Name one 'innovation' in longhorn that doesn't already exist elsewhere"

http://news.com.com/5208-1016-0.html?forumID=1&threadID=8183&messageID=57023&start=83

...and I gave two, yet you are still spouting the same anti-Microsoft garbage. You are not here to learn, you are here to lecture.

The fact is I have Win2K and broadband and I have not got this virus. Seems as overrated to me as UNIX virus, which do exist and you know it.

[aabcdefghij987654321]

The Morris Worm

http://en.wikipedia.org/wiki/Morris_worm

The VERY FIRST worm. It was Unix based and spead from Unix system to Unix system causing a great deal of damage to the internet. In fact by percentages of internet systems infected, it was the most effective worm ever.

Don't make challenges based on your own ignorance.

[Llib Setag]

Give a cyber terrorist a window of opportunity...Use Microsith!

Have you ever noticed that when CNN shows the troops
capturing & dragging suspected terrorists from the caves, they
frequently find their MS Windows PC laptops & search for
terrorist activity on the hard drives? Coinsidence? Hugh amounts
of money & they use MS PC Windows laptops?

US DOJ had their chance & they agreed that Microsith is an illegal
monopoly, but refused to break the monopoly apart or control
their illegal activities worldwide. MS Monopoly money goes very
deep into the pockets of the U.S. Government in Washington
D.C.

U.S. Gov't has suggested that MS should be considered for a
national ID card for all citizens & immigrants of the USA, as part
of their homeland security defense. Citizen Gates with the Dept.
of Homeland Security would "manage" all important data of all
citizens.

U.S. Gov't has recently suggested that MS Internet Explorer be
the ONLY Internet Browser of the Government. MS-OS control
battleships & aircraft carrier computers.

But noooooooooo, the terriorist wouldn't think of taking
advantage of the structural weaknesses of the US-MS software
that is on the governments computers, the US military
computers, the US airports computers, the banking +
investment computers & the majority of the US citizens
computers. Why would they want to do that...?

WAKE UP PEOPLE!
These worldwide cyber attacks are not just some smart punk
kids having a laugh. These attacks are effecting millions of
businesses & costing them BILLIONS of dollars. These "phishing"
scams through IE Outlook are ripping off money from innocent
people & growing identity theft is a major problem.

Don't make it easy for criminals / terrorists by using faulty
software full of security holes that Citizen Gates can't plug fast
enough.

[Christopher Hall]

This conspiracy theory brought to you by the letter "Q"

Really, thanks for coming out of the basement long enough to post that.

Really. Thanks.

[ajbright]

Win2K patch doesn't work, XP and Server2003 patches do.

The Win2K patch might work for one of the worms out there, but it doesn't stop the w32.esbot.a or any of it's variants.

Every Win2K PC we have has been infected, it wasn't until after we removed a certain file that even the anti-virus software would delete or quarantine any of the subsequent attacks.

Our WinXP and Server 2003 boxes have been completely unaffected by any of the worms - mostly because we have patch management software that can patch hundreds of networked computers instantly - without any kind of manual installation.

If we'd had to rely on automatic updates we'd have been screwed - because in a business environment you don't give normal users admin rights, therefore automatic updates won't work until an administrator logs on.

I don't know how any medium or large sized business can cope with keeping on top of patches without software that can remotely patch at least a 100 workstations at a time.

We don't even have to do a manual install of the patch management software (which the crap patch management packages force you to do on every workstation). All we have to do is scan for a new PC on any domain then apply the patches and remotely reboot it.

UpdateExpert has prevented every worm except w32.esbot from causing us any problems, and that only failed because there isn't a patch out there that prevents it from installing on Win2K PCs.

[W2Kuser]

Microsoft WGA = terrorist threat

The real story here is that Microsoft's new WGA policy of BLOCKING critical security updates of computers that are not verified as "genuine windows".

By intentionally blocking these critical security updates, Microsoft is now openly supporting not only annoying hackers, but also the more serious cyber-terrorism threats.

Forget Iran or Korea, Microsoft now poses a more serious, immediate threat to this country's security...

From the MSFT website

Q:Do security updates require validation?
A: Security updates are not part of WGA. Security updates can be installed using the Windows XP Automatic Updates feature, or downloaded from the Download Center.

http://www.microsoft.com/genuine/downloads/FAQ.aspx?displaylang=en

Do your homework before you make ASSumptions and flame

MSFT has said all along the using the WGA is NOT a requriement to receive security updates, for the very reason you mention above. They would rather patch pirated versions than have them become infected.