Slashdot Mirror


Sober.P Worm Accounts for 5% of all Email Traffic

destuxor writes "The grave insecurity of the day is the Sober.P worm which is currently pushing nearly 5% of all email traffic at the moment. Unlike previous worms, Sober can disable the Windows Firewall and Symantec Antivirus. Interestingly, patched machines are not vulnerable to the exploits used by this worm. What are we going to have to do to convince "ordinary users" to visit WindowsUpdate once in a while?" Update: percentage corrected.

4 of 451 comments

  1. Getting People to Update... by quark101 · Score: 5, Insightful

    It's been my experience that it is almost impossible to get ordinary (read: non-computer) people to update their machines, be it Windows or Norton Virus updates. The only way that most of them will get these updates, ever, is if 1. Someone does it for them, or 2. If it is automated, and does it for them.

    Otherwise, they just don't see the reason to, don't have the motivation to, and just plain don't care.

  2. Re:How about... by theTerribleRobbo · Score: 5, Insightful

    As much as I'm a Linux fanboy, that's not going to solve the problem.

    Setting aside the debatable 'inherently more secure' argument, unless distros start doing something rash like including and starting an 'apt-get update && apt-get upgrade' cron job, they're going to hit the same problems if a nasty worm comes out that affects one or more distributions of Linux (e.g. a SuSE worm, etc).

  3. Re:Nothing really by Keruo · Score: 5, Insightful

    Rsync isn't really an option for updating Windows since the patch usually changes a few DLLs to different ones.

    Most people don't have broadband, but most people don't have fast computers either; it might take a long time to compile the source-distributed update.
    And your average joe won't have a compiler on their machine anyway.
    I'd remove the compiler from Linux workstations too. The normal user, who surfs and reads email on the machine, won't have any need to compile things.

    If local patches were used, I wouldn't worry about GPL coders peeking at the code. I'd worry about worms patching the source code and creating new holes through modifying patch sources.

    --
    There are no atheists when recovering from tape backup.

  4. Re:"Ordinary users" by YrWrstNtmr · Score: 5, Insightful

    I've adopted a new policy.
    If a student or member of faculty comes in with malware problems for the first time, I fix it for them and I give them a Gentoo Linux install CD to go away with. If they come back with viruses/spyware a second time, I tell the luser to stop bothering me, and that I gave them the solution to install last time.

    Remind me not to hire you after you (maybe) graduate.