Windows attack worm warning
Mind the malicious code…
Several security experts are warning of increased cyber attacks targeting Windows PCs but Microsoft says all is calm on the attack front.
McAfee, the Sans Internet Storm Center, Symantec and several other security companies are warning of a new worm that wriggles into Windows PCs by way of a security flaw for which Microsoft issued a patch with security bulletin MS06-040 on 8 August.
On Thursday, Symantec raised its ThreatCon to Level 2, which means an outbreak is expected. In an alert to customers, the company said it is seeing “ongoing and frequent attacks” that utilise the MS06-040 flaw. There are now six variants of malicious code that exploit the vulnerability, Symantec said.
It said in its alert: “The potential impact of these threats is exaggerated due to reports of successful compromise of Windows NT systems, for which there is no patch available.” Windows 2000 and Windows XP are also at risk, according to Symantec.
Symantec was joined in its alert by the other security watchers. The Sans Internet Storm Center, which monitors network threats, noted on its website that several people had reported increased malicious activity. Analysis of the threat, however, found attacks should be “relatively easy to catch”. Most antivirus software detects the bad code.
Full story: silicon.com