a-squared Newsletter <donotreply@xxxxxxxxxxxxxxxx> wrote:Subject: a-squared Security-Ticker: Mytob (Zotob) Worm Alert! Date: 18 Aug 2005 00:18:00 +0200 BODY { SCROLLBAR-BASE-COLOR: #5d7fa8;} td { COLOR: #383b3f; FONT-FAMILY: Verdana, Tahoma; FONT-SIZE: 75%; } Newsletter unsubscribe information at the bottom of this email Dear David Wooledge, Important information about current security risks. Mytob (Zotob) Worm Alert! The latest variants of the Mytob worm use a vulnerability in the Windows Plug&Play interface to infect Windows systems. a-squared detects the worm as Net-Worm.Win32.Mytob.cd, Mytob.cf, Mytob.ch and its automatically installed backdoor trojan as Backdoor.Win32.IRCBot.et. Online newspapers usually use the name Zotob-Worm. The vulnerability mainly affects Windows 2000, but may be used to exploit Windows XP and 2003 Servers too, Microsoft says. Windows 98 and ME systems are not affected. Once active, the worm downloads an IRC backdoor trojan from the internet which is used to remotely control the computer. Protection: Ensure, that you have already applied the Windows patch with the number KB899588 with your system. You can download the patch on the Microsoft website or use the automatic Windows-Update to install it automatically. KB899588: http://www.microsoft.com/technet/security/bulletin/ms05-039.mspx Windowsupdate: http://www.windowsupdate.com a-squared Free users are advised to run the online update, to be able to remove the worm if the computer becomes infected. a-squared Personal users are protected, even if they don't have the latest online updates installed. The new IDS technology of the background guard immediately detects and blocks the worm with the behavior analysis if it manages to run. Your a-squared Team http://www.emsisoft.com --------------------------------- © 2005 Emsi Software GmbH Faerberstr. 8 - 5110 Oberndorf - Austria Website: http://www.emsisoft.com © 2005 Emsi Software GmbH -- <Please delete this line and everything below.> To unsub or change your email settings: //www.freelists.org/webpage/pctechtalk To access our Archives: http://groups.yahoo.com/group/PCTechTalk/messages/ //www.freelists.org/archives/pctechtalk/