Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Microsoft Worm Coming Soon?

Posted by CmdrTaco on from the get-ready-for-impact dept.

Seft sent in a solid article running on the BBC discussing the next potential worm explosion on the heels of a recent Security Bulletin from Microsoft. The article is a somewhat general topic piece on worms in general.

5 of 497 comments (clear)

  1. Re:Where's the update? by jhoffoss · · Score: 4, Informative
    TechNet article: here.

    Patch: here. (For XP...this and the rest of the patches are also linked on the above page.)

    Scan tool: here.

    --
    Linux: The world's best text-adventure game.
  2. ..and here's the exploit. by bernz · · Score: 5, Informative
    just to help things along, here's the exploit that the worm will use.

    http://www.k-otik.com/exploits/09.16.MS03-039-ex p. c.php



    i'd post the code, but /. won't let me.

  3. Re:MS Security bulletin? What about... by mph · · Score: 5, Informative
    What am I missing?
    Buffer Overflow in Sendmail
    New ssh Exploit in the Wild

    The problem seems to be that you're running late, not slashdot. The above stories were each posted the day before you claim that the vulnerabilities were discovered.

  4. Re:This is but one of two by pe1chl · · Score: 4, Informative

    Tonight 3 of these arrived here. It is an e-mail message that contains a .exe attachment that promises to be "the latest version of security update, the
    "September 2003, Cumulative Patch" update which fixes
    all known security vulnerabilities affecting
    MS Internet Explorer, MS Outlook and MS Outlook Express
    as well as three newly discovered vulnerabilities."

    Apparently lots of people just doubleclick it.

  5. Re:I think there's already something new going aro by ncc74656 · · Score: 4, Informative
    NAI has new defs that cover it now, and I assume all other others do too.

    Just checked with Symantec...while the updated defs aren't available through LiveUpdate, they are available by downloading the Intelligent Updater. How smart of them...instead of sending out a couple hundred K, they force people to download 4 megs each until next Wednesday. It's their bandwidth, I suppose...

    (I reran NAV after getting today's defs...it identified the file as containing Worm.Automat.AHB. SARC says nothing informative about it, but F-Secure says the following:

    There is no virus known to us by this name. However, Norton Anti-Virus uses names like W97M.Automat.A to name viruses which have been detected automatically.

    Another 5-10 copies arrived since my last post...busy little fscker, isn't it? Rabbits don't breed this rapidly.

    --
    20 January 2017: the End of an Error.