ZDNet UK / News and Analysis / Security / Security Threats

Worm surge exploits Microsoft vulnerability

By Colin Barker, ZDNet.co.uk, 7 January, 2009 16:15

Daily Newsletters

Sign up to ZDNet UK's daily newsletter.

Topics

Microsoft, Worm, F-secure

NEWS

Business systems are being attacked by a worm exploiting a known Microsoft vulnerability, IT security experts have warned.

Both US-CERT and security organisation F-Secure have issued warnings, urging IT professionals to apply the Microsoft patch.

The malware attacks the vulnerability outlined in MS08-067, a Windows Server service flaw that was patched in October. The worm launches a dictionary attack to attempt to crack user passwords, and uses server-side polymorphism and modification to the Access Control Lists (ACL) "to make network disinfection particularly difficult", F-Secure said in a blog post.

A sign of infection is that user accounts get locked out of the Active Directory domain as the worm tries to crack passwords, said F-Secure.

A removal tool is available at the F-Secure website, as is a detailed description of the malware F-Secure calls Downadup.AL.

Related stories

Microsoft warns of worm exploiting Windows flaw

Whiteboard: Who writes the worms?

Facebook worm exploits Google's reputation

Microsoft issues patch for potential 'worm hole'

Assange loses extradition battle in Supreme Court

Talkback

The connections it made outbound crashed the firewall and brought the Internet down constantly...

It's not exactly a one click removal either!

Please PATCH YOUR SYSTEMS NOW!

gareth25 7 January, 2009 23:01
Reply

Can Microsoft write ANY secure code? Seems like they are in a hurry to get the product, "on the the shelf", and let the user be the beta tester. One would expect a better product, considering how long they have been in business.
But, then again, they have never been concerned about the user.

ator1940 8 January, 2009 13:51
Reply

This post has been removed by a moderator.

Post your comment

In order to post a comment you need to be registered and logged in.

You can also log in with Facebook. Log in or create your ZDNet UK account below

  • Login

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Community FAQ

Get ZDNet UK's daily newsletter

Enter your email address to sign up

ZDNet UK Live

Jack Schofield

Moonlight wasn't a Microsoft product, so it's not really a failure for Microsoft, more a failure for open source. Or, specifically, for Novell,...

1 hour ago by Jack Schofield on The future of .NET (Mono) on non-Windows platforms
J.A. Watson

@apexwm - You are basically right. GIMP is not included in the Fedora 17 base distribution, but it can be installed from the Add/Remove Software...

2 hours ago by J.A. Watson on Fedora 17 - The "Beefy Miracle" Arrives
Moley

@pjc158 Unfortunately our government signed away any such possibility in a entirely unequal treaty with the USA, purportedly in response to...

2 hours ago by Moley on Judge orders US to share MegaUpload evidence
J.A. Watson

@Thomas - Thanks for the tip, based on what you said I went back and downloaded the KDE spin, and installed that one another netbook (NF310). You...

2 hours ago by J.A. Watson on Fedora 17 - The "Beefy Miracle" Arrives
apexwm

JW, Thanks as always for the great review on these new releases. One thing that I've also read is that Fedora 17 will include GIMP 2.8 which is...

3 hours ago by apexwm on Fedora 17 - The "Beefy Miracle" Arrives
SoapyTablet

'Cut Price' Data Roaming? The price has been cut, but it is certainly not 'cut price' in the sense of the phrase, and nowhere near local EU data...

4 hours ago by SoapyTablet on Cut-price data roaming gets all-clear for July
apexwm

BrownieBoy: "Such crashes are normally down to the OS and/or a rogue application, which could be fixed by re-imaging. Everybody knows how Windows...

5 hours ago by apexwm on Using Windows XP is a waste of money, says IDC
Thomas Gellhaus

I've just started using it too, and like you I feel that Fedora is a fine GNOME 3 showcase distribution. I am torn, though, because I checked out...

5 hours ago by Thomas Gellhaus via Facebook on Fedora 17 - The "Beefy Miracle" Arrives
pjc158

Why is it that Newzealand has the guts to stand up to the USA and ask to see the evidence and we don't!

5 hours ago by pjc158 on Judge orders US to share MegaUpload evidence
Dean Talboys

What a farce! Hopefully the European court will see where this is leading.

8 hours ago by Dean Talboys via Facebook on Assange loses extradition battle in Supreme Court
SoapyTablet

Wouldn't surprise me if Samsung actually really had problems producing the white model (as Apple did - it would make more sense) and this non-story...

8 hours ago by SoapyTablet on Samsung Galaxy 'S3' delayed by special paint
Lonnie

those conformation letters are hard to figure out what is which letters it is a pain in the back side. Please make it more Ledge-able being better...

12 hours ago by Lonnie on Screenshots: Photoshop CS6 Beta
BrownieBoy

"cites" even. Ouch!

19 hours ago by BrownieBoy on Using Windows XP is a waste of money, says IDC
Horace Ontalhold

...... and PDP11s too

19 hours ago by Horace Ontalhold on Fusion-io lays minefield with a billion IOPS
BrownieBoy

I had a quick skim through the PDF. It seems to be that many of these so-called cost savings would be down to a hardware refresh. Although...

20 hours ago by BrownieBoy on Using Windows XP is a waste of money, says IDC
bobandroid

496,999 BT Fon Hotspots lovingly situated in your next door neighbours garden, no matter how you dress that up its still a pup... Not where I need...

22 hours ago by bobandroid on London Olympics: BT needs 25,000 more Wi-Fi hotspots
apexwm

Jack : I was hoping you could provide us a summary since you are familiar with this report. I am not yet sure how much of my time I'd like to...

24 hours ago by apexwm on Using Windows XP is a waste of money, says IDC
Smilig Eddie

2 – 4 more weeks of waiting: how many buyers are going to decide instead to see what the iPhone 5 offers? Consumer trust in the brand has also...

1 day ago by Smilig Eddie on Samsung Galaxy 'S3' delayed by special paint
SRist

So it looks like this was a complete red herring - Adobe are allowing upgrades from Photoshop CS3, CS4 and CS5 at the same price. When did this...

1 day ago by SRist on Photoshop users attack Adobe upgrade policy change
Jack Schofield

@apexwm Have you considered either (a) reading the story above or (b) reading the PDF? There are answers in both.

1 day ago by Jack Schofield on Using Windows XP is a waste of money, says IDC

Latest in Security Threats

Assange loses extradition battle in Supreme Court

'Flame' cyberattack raging through Middle East systems

The secret's out for secure chip design

Featured white papers

CIO challenges: Bringing your iPad to work

Aruba Networks

CIO challenges: Bringing your iPad to work

The arrival of personal technology in the office is a challenge for all organisations, but how can it be adapted securely for corporate... Read more

Hacktivism: Threats and reality for IT managers

ZDNet UK

Hacktivism: Threats and reality for IT managers

As high-profile breaches involving consumer data become the norm, this guide looks at where hacking is heading and what individuals can do to protect against possible attacks, from securing data to creating more secure email... Read more

Taking a Proactive Approach to Patch Management

VMware

Taking a Proactive Approach to Patch Management

To ensure that your organisation is protected, your IT departments must take a proactive approach to patch... Read more

Inside ZDNet UK

Inside Google's revamped Chrome OS

Inside Google's revamped Chrome OS

Fedora 17 - The "Beefy Miracle" Arrives

Fedora 17 - The "Beefy Miracle" Arrives

Toshiba Satellite Pro C850-10N

Toshiba Satellite Pro C850-10N

How code signing works

How code signing works

HTC One V: First take

HTC One V: First take

SharePoint deployment: The final chapter

SharePoint deployment: The final chapter

Ten IT jobs to save up for those rare lulls

Ten IT jobs to save up for those rare lulls