[guispeak] Fwd: Zotob Worm Hole Also Affects Windows XP Users

  • From: Andy Baracco <wq6r@xxxxxxxxxxxx>
  • To: guispeak@xxxxxxxxxxxxx
  • Date: Wed, 24 Aug 2005 20:46:36 -0700

To print: Click here or Select File and then Print from your browser's menu -------------------------------------------------------------- This story was printed from ZDNet News, located at http://news.zdnet.com -------------------------------------------------------------- By Joris Evers URL: http://news.zdnet.com/2100-1009_22-5842359.html

      The plug-and-play vulnerability that caused havoc for Windows 2000
users last week also holds a serious risk for some Windows XP users,
Microsoft said Tuesday.
      Computers running Windows XP with Service Pack 1 in a specific
configuration are vulnerable to worm attacks similar to the ones that hit
Windows 2000 systems, Microsoft said in a security advisory published

      The Zotob worm and its offshoots, plus several other worms, downed
Windows 2000 computers, including systems at ABC, CNN and The New York
Times. All the worms exploited a security hole in the plug-and-play feature
in Windows, for which Microsoft provided a fix earlier this month and rated
as "critical" for Windows 2000.

      It was previously thought that only Windows 2000 machines were
vulnerable to remote attack using the plug-and-play flaw. However, Microsoft
in its security advisory on Tuesday specified one scenario that also exposes
select Windows XP users.

      Also vulnerable are systems that run Windows XP with SP1 with file and
printer sharing and the Windows guest user account enabled, according to
Microsoft. This would likely be home users, because PCs are not vulnerable
if connected to a network domain, which is common in business environments,
Microsoft said.

      "This is a minor and narrow attack scenario," said Debby Fry Wilson, a
director at Microsoft's Security Response Center. "However, because Windows
2000 customers were attacked last week, we wanted to take the extra
precaution of offering customers this clarifying information."

      The probability that there are many vulnerable systems out there "is
very remote," Fry Wilson said. Most consumers have upgraded their Windows XP
machines to Service Pack 2, she said. In businesses, where Windows XP SP1 is
more common, computers are not vulnerable because they are typically
connected to a domain, she said.

      Microsoft was made aware of the Windows XP attack possibility by
security vendor Symantec, Fry Wilson said. Microsoft urges users to apply
the security patches it provided earlier this month. Also, Microsoft is not
aware of any attack exploiting the plug-and-play flaw that targets Windows

** To leave the list, click on the immediately-following link:- ** [mailto:guispeak-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** guispeak-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:guispeak-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** guispeak-request@xxxxxxxxxxxxx with the Subject:- faq

Other related posts:

  • » [guispeak] Fwd: Zotob Worm Hole Also Affects Windows XP Users