There's a new worm in town, and it's burrowing through every hole in Windows and Outlook with startling efficacy, slowing the Internet to a crawl. This thing uses a compilation of several known exploits to spread itself. Scary item number one: it uses a MIME exploit to make Outlook/Outlook Express open an e-mail attachment it mails to would-be victims. You don't have to open an attachment to get infected. Scary item number two: it uses an IIS hole to infect Windows-based web servers, spreading much like Code Red. Scary item number three: It creates a Guest account with Administrator privileges on infected boxes, then opens up network shares, exposing the box's contents to the world.
It also appears this wriggling beastie uses IRC and FTP to propagate itself, but the anti-virus types aren't quite sure about what all it does yet. I've heard that this thing gets its claws pretty deep into an infected system. You can find more info at Symantec's SARC, where they haven't yet posted instructions on removing the virus.
To protect against the IIS exploit, grab the MS patch here. The MIME exploit patch is online here. Neither of these is a new exploit, but it's best to make sure you're protected, since the costs of infection are high.
I watched this thing bang on the TR server for a while (no harm done; we run Apache) by grepping through the logs, and it seems the worm hits computers with similar IP addresses first. We were getting hit primarily from addresses that shared the first two octects with our own. (Search for "cmd.exe" requests if you want to check your own server logs.) Install those patches and update those anti-virus defintions, folks. Nimda is nasty.
|Nvidia's GeForce GTX 1060 graphics card reviewed||57|
|In the lab: EVGA's GeForce GTX 1050 Ti Superclocked graphics card||7|
|iPhone sales continue to shrivel in Apple's fiscal fourth quarter||11|
|Leaked MacBook Pro pics suggest OLED touch bar and Touch ID||15|
|Eizo FlexScan EV7280 monitor cuts cable clutter||6|
|Xiaomi reveals Mi Mix phone with a 6.4" edgeless display||31|
|Zotac and Thermaltake join forces for a liquid-cooled GTX 1080||4|
|Zotac Magnus EN1080 may be the fastest mini-PC yet||17|
|Seagate 5TB BarraCuda and 2TB FireCuda drives are big and speedy||37|
|Signing your posts is daftly redundant. Meadows||+29|