New IM Worm On The Loose
elfarto writes "Techweb is
reporting that a new worm that spreads via Microsoft's instant messaging client
began badgering users Monday, several security firms said.
Dubbed Funner, the worm propagates by sending itself to all the contacts listed
in the user's copy of MSN Messenger, Microsoft's IM client.
There is an analysis on
Symantec Security Response Site; apparently the worm tries to download stuff
from www.78p.com and adds entries to the hosts
file pointing to more that 400 Chinese porn sites. The worm also sends itself to
the whole contact list as funny.exe so it requires the user interaction to
actually execute it. "
Is this why MSN messenger seems to have been down for about 12 of the last 24 hours?
Well, if you are running as root, well, the answer to your question is EVERY OS. Run your desktop as root, and it'd take me 5 minutes to write an executable that will hose your whole system.
The fact is, Windows has a solid, well implemented, priviledge system. The second fact is that they gave this up in favor of app compatiblity (crappy programs that expect to write to the windows directory just to run, versus to user directories) and ease of use. This is biting them in the ass, and they are working on getting people away from running as Administrators. Just not as heavy a push as I'd like.
You are seriously underestimating the general cluelessness of the average computer user. I think it could be named "worm.exe" and a lot of people would still run it.
The knowledge (or lack thereof) of the average computer user is the real reason that security is such an issue today.
You mean AIM is a bigger target than MSN Messenger?
Well, here's another argument against "Microsoft software gets broken into more, because it is more widely deployed". (Besides Apache vs. It Isn't Secure.)
Please correct me if I got my facts wrong.