AUSTRALIA (ZDNet Australia) - Placed on low risk by anti-virus company Trend Micro, the worm spreads through the Sun operating system Solaris, where it launches its attack on the Microsoft IIS Web servers.
The worm uses two well-known vulnerabilities to compromise systems and deface Web pages.
The virus, which has been in the wild since mid last week, has attacked approximately 9000 IP addresses on a global scale, according to Trend Micro.
The danger of the worm is that it automatically searches for other vulnerable Sun machines, changing the HTML file to show an anti-American message.
"The message is too rude to repeat," Trend Micro's Andy Liou said.
Those Web sites affected are running unpatched versions of Microsoft IIS and Solaris up to, and including, Solaris 7, according to technical advisor company AusCert.
"Again, it shows that humans are the weakest link in computer security," Liou said.