-=PCTechTalk=- a-squared Security-Ticker: Mytob (Zotob) Worm Alert!

  • From: "David F. Wooledge" <wooledge001@xxxxxxxx>
  • To: accmail Juno <juno_accmail@xxxxxxxxxxxxx>, "@freelistts PCTechTalk" <pctechtalk@xxxxxxxxxxxxx>
  • Date: Wed, 17 Aug 2005 19:21:44 -0700 (PDT)

a-squared Newsletter <donotreply@xxxxxxxxxxxxxxxx> wrote:Subject: a-squared 
Security-Ticker: Mytob (Zotob) Worm Alert!
Date: 18 Aug 2005 00:18:00 +0200

 BODY { SCROLLBAR-BASE-COLOR: #5d7fa8;} td { COLOR: #383b3f; FONT-FAMILY: 
Verdana, Tahoma; FONT-SIZE: 75%; }                
Newsletter unsubscribe information at the bottom of this email

Dear David Wooledge,

Important information about current security risks. 

Mytob (Zotob) Worm Alert!

The latest variants of the Mytob worm use a vulnerability in the Windows 
Plug&Play interface to infect Windows systems. a-squared detects the worm as 
Net-Worm.Win32.Mytob.cd, Mytob.cf, Mytob.ch and its automatically installed 
backdoor trojan as Backdoor.Win32.IRCBot.et. Online newspapers usually use the 
name Zotob-Worm. 

The vulnerability mainly affects Windows 2000, but may be used to exploit 
Windows XP and 2003 Servers too, Microsoft says. Windows 98 and ME systems are 
not affected.

Once active, the worm downloads an IRC backdoor trojan from the internet which 
is used to remotely control the computer.

Protection:

Ensure, that you have already applied the Windows patch with the number 
KB899588 with your system. You can download the patch on the Microsoft website 
or use the automatic Windows-Update to install it automatically.

KB899588: http://www.microsoft.com/technet/security/bulletin/ms05-039.mspx 
Windowsupdate: http://www.windowsupdate.com

a-squared Free users are advised to run the online update, to be able to remove 
the worm if the computer becomes infected.

a-squared Personal users are protected, even if they don't have the latest 
online updates installed. The new IDS technology of the background guard 
immediately detects and blocks the worm with the behavior analysis if it 
manages to run.


Your a-squared Team
http://www.emsisoft.com 

---------------------------------



© 2005 Emsi Software GmbH
Faerberstr. 8 - 5110 Oberndorf - Austria

Website: http://www.emsisoft.com

 © 2005 Emsi Software GmbH


--
<Please delete this line and everything below.>

To unsub or change your email settings:
//www.freelists.org/webpage/pctechtalk

To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
//www.freelists.org/archives/pctechtalk/

Other related posts:

  • » -=PCTechTalk=- a-squared Security-Ticker: Mytob (Zotob) Worm Alert!
  1. Home
  2. pctechtalk
  3. Archive
  4. 08-2005