X
Business
Home Business Enterprise Software

Windows 2000 users face multiple attacks

Worms exploiting a flaw in Windows 2000 are running rampant, with widespread infections reported from three different malware families
Written by Will Sturgeon, Contributor

Users rushing to protect themselves from the Zotob worm are being warned not to take their eyes off other threats as McAfee raises its alert level on the newly discovered IRCbot to the highest alert.

The IRC worm spreads by exploiting a Microsoft vulnerability. Although a patch has been available since Microsoft announced the vulnerability on 9 August, the spread of the worm suggests users have been slow to apply it.

The vulnerability has also been leapt on by the virus writers who have launched the recent SDBot, Rbot and the Zotob virus families which has been causing pain for users around the world in the past 24 hours. The IRCbot was the first of the exploits to propagate en masse.

IRCbot.worm!MS05-039 contacts a remote IRC server and waits for further instructions, according to McAfee. It also copies itself to the Windows System directory, appearing as WINTBP.EXE. Registry keys are created to load the worm at start-up. If infected, the system will continually reboot until it is patched.

Editorial standards
Show Comments

Related

Anker Solix X1

Not into the Tesla Powerwall? You can now buy the Anker Solix X1

pxl-20240424-181716738

Facebook's Meta AI is lying when it says you can disable it - but here's what you can do

Placeholder product image alt text

The best AI image generators to try right now