New Windows Worm Inching Around Internet
helixcode123 writes "The Register is reporting a Windows Worm that
takes advantage of weak default passwords. This
looks pretty nasty, as it mucks with the registry
and disables network sharing." Basically, if it finds SMB shares with weak passwords, it drops an executable in the Startup folder... for once, a security problem that isn't really Microsoft's fault.
Is the one left open by an Admin who has no business being an Admin....
But (more seriously), doesn't it just scare the hooey out of you that brute-force password cracking is now running around as an autonomous virus on the Net???
Yeesh, I get the willies thinking of every user that I've told "you can't use password as the password".
"Please tell me how it's MS's fault that people pick easy to guess passwords?"
Please tell me how it's not Microsoft's fault for making both partitions and the system directory shares by default. How the hell else would the worm get access to the StartUp folder? The people most vulnerable don't even know where that particular directory is, let alone how to share it.
Please tell me how it's not Microsoft's fault to make XP users members of the Administrators group by default (the only ones who can access those default shares).
Please tell me how it's not Microsoft's fault that XP doesn't even bother asking for a password for a new (admin!) user account unless the account is made the old-fashioned Win2k way.
The "shiny new" way XP handles user accounts by default is almost as bad as 95/98/Me. By default, all system users are listed at the log-in screen for you to pick. One of them has a password? Move on down to the next in the list. Odds are at least one of them doesn't have a password and yet has admin privileges.
True, no self-respecting XP user would have anything to do with the accounts script in the Control Panel, but the better method of dealing with user accounts is both counter-intuitive ("Performance and Maintenance?" But "User Accounts" is right there!) and practically hidden (Performance & Maintenance -> Administrative Tools -> Computer Management (Local) -> Local Users and Groups), at least as far as former 95/98/Me users are concerned.
No, this is a design flaw in XP, part of Microsoft's attempts to dumb down the NT kernel for the home user. Perhaps MSFT wouldn't have to spend so much money on patching these security holes if they instead spent a little capital on trying to educate users a little about (extremely) basic user accounts security. This current "security hole" has been around since NT 3.1 and hasn't been that much of a problem until Microsoft decided to give everybody admin rights by default.
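The conditions the post above lists (local accounts with no password, those accounts sitting in Administrators, the default administrative shares reachable over SMB) plus the Startup folder the worm writes to can all be audited in one pass. The script below is an added example, not code from the article or from anyone in this thread. It assumes a modern Windows host (Windows 10 / Server 2016 or later with the built-in LocalAccounts and SmbShare modules) run from an elevated prompt; XP itself has no PowerShell. The set of executable extensions it flags and the use of the AutoShareWks registry value to detect disabled admin shares are this example's own choices.

```powershell
# Added audit example: report the conditions a password-guessing SMB worm relies on.
# Assumes Windows 10 / Server 2016+ (LocalAccounts and SmbShare modules), elevated prompt.

$findings = @()

# 1. Enabled local accounts that do not require a password at all.
$noPassword = Get-LocalUser | Where-Object { $_.Enabled -and -not $_.PasswordRequired }
foreach ($u in $noPassword) {
    $findings += "Enabled local account with no password required: $($u.Name)"
}

# 2. Members of the local Administrators group, and which of them have no password.
#    Get-LocalGroupMember returns names as COMPUTER\user (or DOMAIN\user).
$admins = Get-LocalGroupMember -Group 'Administrators'
foreach ($a in $admins) {
    $findings += "Member of Administrators: $($a.Name) [$($a.ObjectClass)]"
    $blank = $noPassword | Where-Object { $a.Name -like "*\$($_.Name)" }
    if ($blank) {
        $findings += "  !! Administrator with no password required: $($a.Name)"
    }
}

# 3. Default administrative shares (C$, D$, ADMIN$). IPC$ is always present and is
#    not a file share, so it is excluded from the listing.
$adminShares = Get-SmbShare | Where-Object { $_.Special -and $_.Name -ne 'IPC$' }
foreach ($s in $adminShares) {
    $findings += "Administrative share present: $($s.Name) -> $($s.Path)"
}

# AutoShareWks = 0 (workstation) / AutoShareServer = 0 (server) stops the server
# service from recreating the admin shares at boot. Absent value means the default (on).
$lanman = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
$auto = Get-ItemProperty -Path $lanman -ErrorAction SilentlyContinue
$disabledByPolicy = ($auto.AutoShareWks -eq 0) -or ($auto.AutoShareServer -eq 0)
if (-not $disabledByPolicy) {
    $findings += "AutoShareWks/AutoShareServer not set to 0: admin shares return after reboot"
}

# 4. Contents of the common Startup folder and every profile's Startup folder,
#    which is where the worm described above drops its executable.
$exts = @('.exe', '.com', '.scr', '.pif', '.bat', '.cmd', '.vbs', '.js', '.lnk')
$startupDirs = @([Environment]::GetFolderPath('CommonStartup'))
$profiles = Get-ChildItem -Path "$env:SystemDrive\Users" -Directory -ErrorAction SilentlyContinue
foreach ($p in $profiles) {
    $startupDirs += Join-Path $p.FullName 'AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup'
}
foreach ($d in $startupDirs | Select-Object -Unique) {
    if (-not (Test-Path -LiteralPath $d)) { continue }
    Get-ChildItem -LiteralPath $d -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.Extension -in $exts } |
        ForEach-Object {
            $findings += "Startup item: $($_.FullName) (written $($_.LastWriteTime))"
        }
}

if ($findings.Count -eq 0) {
    Write-Output "No findings."
} else {
    $findings | ForEach-Object { Write-Output $_ }
}
```

Anything tagged `!!` is the exact combination the worm needs: an Administrators member whose password is empty (or, by extension, trivially guessable) on a host that still exposes C$ and ADMIN$. Setting a password on the account and, where the host has no need to be managed remotely, setting AutoShareWks to 0 and restarting the Server service, removes both halves of the problem; the Startup listing is there so you can see whether anything has already landed.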