New Windows Bug

It seems unclear whether the worm infecting CNN and others is Rbot or Zotob. Someone from trendmicro was on CNN earlier saying it was probobly Rbot, but CNN was saying Zotob before that.

It seems to me though that these news organizations are making a big deal out of an ordinary worm simply because they have been infected. The internet traffic report as remained steady throughout the afternoon, indictating that the worm is not widespread enough to have any significant effect on the internet.

SANS has an interesting hypothesis that NYTimes, ABC, and CNN were all at the same event at some point recently had had their laptops on the same network, and that in this way the worm got past the firewalls of the news organizations and on to their networks. This seems likely to me. I have seen no indication thus far in my router log that this worm has tried to spread to my network.

Is it just me or is this related to Danny's CNN blog entry?

http://www.daniweb.com/blogs/entry313.html

Gahh, benna posted at the same time as me! :)

Also, and I say this not to lull anyone into a false sense of security, but this VIRUS (a "bug" is a software mistake; this mess is intentional mischief) right now is primarily targeting Windows 2000-based machines. But again, don't leave yourself unprotected just because you have another version.

I'm watching all this in comfort myself; from the comfort of common sense :)

Hi,

This is not related to Danny's entry. He was talking about the social aspects, and didn't offer any technical information on it. He also titled his posting on CNN, and anyone who doesn't give a damn about CNN probably won't read it. Mine is titled to the point.

I also see Windows as being Buggy software. It is a virus. But Windows is buggy software.

I am going to check my traffic graphs later this evening to see if the noise floor has grown or not.

Christian

Christian -- Firstly, it's not a virus, it's a worm. CNN called it both, but just to be official, its a worm. Worm worm worm.

I have updated my blog title to reflect the content better. The fact is, this is vulnerability is not present in all versions of Windows. Its only W2K and out-of-date versions of XP.

The rest of us are fine. And in fact, Microsoft has responded. You should have looked harder. The official MSRC blog has info: http://blogs.technet.com/msrc/archive/2005/08/15/409169.aspx

My computer, (XP Pro with SP2) was never at risk. Since most users with XP use automatic-windows updates, they probably will be fine too. W2K is not a very common OS anymore.

As per your Mac: Don't even go there. Macs are a much smaller market share than PCs, so theres much less of an incentive to create malicious software for them. Its common sense.

And so the reason Microsoft has not reacted is because they proacted by releasing an update that closes this hole they themselves reported at the time they reported it.
If people choose to neglect their security updates (for whatever software they use, not just Windows but your precious MacOS as well) they put themselves at risk and have noone but themselves to blame if they get compromised.

Proacted isn't a word.