What about the latest worm?
CNN reported a worm outbreak using their “Breaking News” feature. Predictably, concerned users called us attributing observed effects to the media-declared cause. According to published reports, Microsoft activated their “emergency response”. The Wall Street Journal covered the incident with more perspective and information.
Others were not so kind: “New worm catches big business with pants down”
W32.Zotob.E , WORM_RBOT.CBQ, W32/IRCbot.worm! are all names for the worm exploiting Microsoft vulnerability MS05-039 .
Make no mistake…computers were affected across a number of organizations. It’s clear, however, that IT departments still struggle with maintaining a disciplined approach to keeping systems patched. Many organizations suffer the illusion of information security and it often takes something embarassing or damaging to trigger a change.
A few of our customers still had this awstats vulnerability. While others simply had non-worm related performance problems.
How do you sort out published threat reports and their possible effect on your business? A good start is to check the Internet Storm Center run by SANS.
If you are a member of the media, check their press resources before you jump on the virus/worm bandwagon.
Here’s what Microsoft says you should know about zotob.
Tags: zobot zotob downtime awstats ms05-039
