Dave Taylor answers free tech support questions about a wide variety of business and technical topics, including blogging, iphone help, ipod help, AdSense, MySpace, Sony PSP help, Mp3 players, Windows XP, Windows Vista, Linux, SEO, Mac OS X, Facebook, Twitter and LinkedIn.

What's the Zotob MS05-039 worm?

Our IT people are warning us about something called a Zotob MS05-039 worm, but they've caused more trouble than they've prevented in the past, so I'm leery about applying any changes they recommend. What is the Zotob worm, and how do I avoid getting into trouble with it?


Dave's Answer:

Feisty users, the bane of all IT departments! Just kidding. Actually, the Zotob worm is interesting in that it's only attacking Windows 2000 systems (which means if you're not running Win2k you're safe) and that it appears to involve two different hackers actually having what the Wall Street Journal is calling an Internet crime turf war! (Hollywood, are you listening?)

The sequence of events behind this particular worm is that about a week ago Microsoft announced a vulnerability in the Plug-and-Play subsystem in Windows 2000 and issued a security update or "patch" that prevented people from being infected. The worm authors then promptly swung into action, producing nine different worm variations that attacked the specific identified vulnerability.

Tip: A worm is a self-replicating program, one that tries to spawn copies of itself on as many other systems as it can find while also, typically, doing something malicious on the host machine.

In fact, if your IT department had been properly on the ball and had updated all the Windows 2000 systems in your department, you would have been able to sit back, breathe easily, and know that Microsoft had saved the day. Because the security patch wasn't applied promptly, your systems are indeed possibly at risk from this worm, which has caused significant havoc at organizations running the earlier version of Windows.

You'll know if you're infected because your computer will continually restart. Learn more about exactly how to tell if you're infected - including the specific file or files created by the worm - at Microsoft's What You Should Know about Zotob.

If you already have been infected, then try running an antivirus program, getting the very latest updates from the vendor, then running it again. Hopefully that'll fix things.

If you haven't been infected, but are running Windows 2000, use the built-in Windows update capabilities, or check out Symantec's Zotob Removal Instructions.

Finally, my advice to you? Listen to your IT department and apply the very latest set of patches from Microsoft now, not later.




Comments

only attacks w2k computers...
and large companies are most at risk...
hmmm... sounds like a MS funded worm to get
the CEO's of large companies embarrassed enough
to order the IT departments to upgrade all
computers to XP at any cost....
hmmmm... makes one wonder...

Posted by: michael at August 18, 2005 9:58 AM

Hi, Dave. Thank you for your information. This "Zotob" issue once again shows that Microsoft people are the real provider of information about "vulnerabilities" when they release these patches. Hackers just do some "reverse engineering" job to find what the patches are for and readily they have a new instrument to release new worms. Does this mean that MS should stop looking for vulnerabilities? Should they stop publishing patches? Could these hackers find these vulnerabilities without the "help" of Microsoft? Which comes first: the hen or the eggs?
Best Regards

Posted by: Andrés Sánchez at August 18, 2005 3:27 PM


© 2002 - 2008 by Dave Taylor. All Rights Reserved.
