There's a new worm in town, and it's burrowing through every hole in Windows and Outlook with startling efficacy, slowing the Internet to a crawl. This thing uses a compilation of several known exploits to spread itself. Scary item number one: it uses a MIME exploit to make Outlook/Outlook Express open an e-mail attachment it mails to would-be victims. You don't have to open an attachment to get infected. Scary item number two: it uses an IIS hole to infect Windows-based web servers, spreading much like Code Red. Scary item number three: It creates a Guest account with Administrator privileges on infected boxes, then opens up network shares, exposing the box's contents to the world.
It also appears this wriggling beastie uses IRC and FTP to propagate itself, but the anti-virus types aren't quite sure about what all it does yet. I've heard that this thing gets its claws pretty deep into an infected system. You can find more info at Symantec's SARC, where they haven't yet posted instructions on removing the virus.
To protect against the IIS exploit, grab the MS patch here. The MIME exploit patch is online here. Neither of these is a new exploit, but it's best to make sure you're protected, since the costs of infection are high.
I watched this thing bang on the TR server for a while (no harm done; we run Apache) by grepping through the logs, and it seems the worm hits computers with similar IP addresses first. We were getting hit primarily from addresses that shared the first two octects with our own. (Search for "cmd.exe" requests if you want to check your own server logs.) Install those patches and update those anti-virus defintions, folks. Nimda is nasty.
|Synaptics Clear ID FS9500 fingerprint sensors slip under phone screens||2|
|TR's 2017 Christmas giveaway: goodies from MSI, Antec, and OCZ||15|
|VESA DisplayHDR attempts to demystify HDR-capable monitors||16|
|BenQ EW277HDR brings HDR10 in reach of mere mortals||5|
|Intel Pentium Gold chips now have Silver siblings||34|
|Acer ProDesigner PE320QK is big on size and color accuracy||2|
|Thermaltake's Nemesis Switch has enough buttons for all your macros||17|
|Zotac Gaming MEK1 PCs have the requisite pieces of flair||9|
|Toshiba's latest hard drives store 14 TB without shingles||66|