"Dasher" Worm Brings Christmas Keylogger

An anonymous reader writes "A worm called 'Dasher' is exploiting a flaw in Windows that Microsoft issued a patch for in October, dropping keyloggers on infected machines, according to F-Secure. The SANS Internet Storm Center warned earlier this week about the weird traffic generated by the first version of this worm, which apparently was crippled by programming errors. Washingtonpost.com has some information that indicates the worm appears to have originated in China. It appears from the Microsoft advisory that Dasher is a threat mainly to Windows 2000 users, although it could impact Windows Server 2003 and Windows XP users who aren't running SP2." Update: 12/17 17:20 GMT by Z : Fixed link to SANS center.

Convenient?

[Jynx97]

Didn't I just read somewhere that Microsoft was upset with the penetration of SP2 for Winxp?

The next day an article comes out saying that only SP2 will save you!

but the advisory says...

[erikus]

SP2 is affected too.

From the advisory link:
Affected Software:

Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 - Download the update

...

My answer to Key loggers

I write some PERL using Vim

Keylog THAT if you dare

It just hit me

[Stan+Vassilev]

Looks like viruses (spread by infecting exe files) are mostly non-existant today, replaced by network-propagated worms..

And it just hit me that we'd never get any of this if we were not on-line all the time.. Few years ago when the first internet worms were appearing I was like "ahah, just don't stay connected all the time you idiots".

Now I and the majority of folks around the world are "converted" and hopelessly tied to on-line, making us vulnerable to those attacks.

How many minutes can you spend offline, before the reflex kicks in and you try to google up some info you need?