Zotob Worm



According to The Sans handlers diary, a worm exploiting one of the security vulnerabilities disclosed last week by Microsoft, is in the wild and spreading. The worm tagged as zotob.a exploits the ms05-039 vulnerability. (Sans reminds us that ms02-039 was the vuln. targetted by the slammer worm. Interesting coincidence.)

They are still at infocon yellow. (Note the infocon graphic at the bottom of each page.)


The moral of the story, again, is to make sure you’ve installed the patches on your systems. This is said not to affect Windows XP sp2 or windows server 2003, due to malformed username/password combination. Of course, virii are frequently modified and improved so I would hesitate to be comfortable. Windows update to make sure you’re protected.

The securityfix has this too.

   Send article as PDF   

Similar Posts