Worm surge exploits Microsoft vulnerability

Business systems are being attacked by a worm exploiting a known Microsoft vulnerability, IT security experts have warned.

Both US-CERT and security organization F-Secure have issued warnings, urging IT professionals to apply the Microsoft patch.

The malware attacks the vulnerability outlined in MS08-067, a Windows Server service flaw that was patched in October. The worm launches a dictionary attack to attempt to crack user passwords, and uses server-side polymorphism and modification to the Access Control Lists (ACL) "to make network disinfection particularly difficult", F-Secure said in a blog post.

A sign of infection is that user accounts get locked out of the Active Directory domain as the worm tries to crack passwords, said F-Secure.

A removal tool is available at the F-Secure website, as is a detailed description of the malware F-Secure calls Downadup.AL.

Talkback 0 comments

• IT and Telecommunications Jobs Australia Risk and Compliance Manager
• Compliance and Risk Analyst 3 month initial contract (C3)
• Senior Manager Information Security, Risk and Compliance/Melbourne/$
• JD 0905775 – Information Security Analyst – Vendor Assessments (base in Hong Kong)
• Information Security Analyst

TechGuides

How to protect yourself from RAID-related UREs

An Unrecoverable Read Error during a RAID rebuild can ruin an entire day. Scott Lowe talks about UREs and how you can avoid falling victim to this silent threat.

Read more »

Latest from Blog Central

Buying a projector? Try an LED TV instead

Read more »

Cutting-edge technology from premium sponsors

What are
Eco-Products? »

View Featured
Eco-Products »

Brought to you by:

 

 

 

More Tech Showcases:

Hitachi Eco-Products

Juniper Networks