Also of concern to ISS is an exploit released last week that takes advantage of numerous Microsoft IIS Web server vulnerabilities announced in April. According to Slender, this is exactly how the infamous Code Red and Nimda worms got started. A vulnerability was detected, someone proved the exploit and the next thing Code Red was unleashed. "Code Red, we believe, was a testing tool, it didn't do a lot of destructive damage," Slender said. Of the subsequent Code Red variants, he added, "quite obviously they were testing the right way to spread." It's only a matter of time, according to Slender, before someone compiles a malicious program based on the new Microsoft IIS exploit. "All the right things are in the right place for that to happen," he said. According to ISS, the likelihood is that the Microsoft IIS exploit code will be enhanced sometime soon to include a more destructive payload and worm-like propagation capabilities, fuelled by increased peer-to-peer chat programs, increased access to more "warez" products and hackers who increasingly look for ways to distribute their goods. "Traditional organisations think, 'I'm nobody, I'm insignificant,' and that the biggest threat is being defaced," Slender said. He used the analogy of having a shed on one's property. "if you leave it unlocked, you should expect to go in there one day and find a lot of stuff stored in there," he said. "The same concept is happening on the Net."
For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Viruses and Hacking News Section.
Have your say instantly, and see what others have said. Go to the Security forum.
Let the editors know what you think in the Mailroom.
