[ insider_reports_insider ]
Worms AIM At Microsoft Flaw
David Utter
Staff Writer
2006-08-14
 Insider Reports RSS Feed
The Department of Homeland Security warned Windows users to patch MS06-040, and the threat to that vulnerability has been reported by Sophos as a pair of worms that travel over AOL instant messenger to exploit it.
 | | Worms AIM At Microsoft Flaw |  |
DHS does not customarily pass along advisories on computer security issues. Plenty of outlets exist to do so, especially when it comes to Microsoft products like the Windows operating system.
When DHS moved to advise PC users to patch their Windows systems against one particular threat, MS06-040, they noted in their advisory that the flaw was being actively exploited.
Security firm Sophos has confirmed attacks are taking place, focused on this critical vulnerability in the operating system. The W32/Cuebot-L and W32/Cuebot-M worms have been traveling over AIM, the instant messaging service provided by AOL.
"Once the Cuebot-L or Cuebot-M worms have infected a PC they turn off the Windows firewall and open a backdoor, allowing remote hackers to gain access and control over the computer," Sophos senior technology consultant Graham Cluley noted in the report.
Things could get worse, too. "There will be many Windows computers that will not have been patched yet and may be vulnerable to infection and compromise," said Cluley "We wouldn't be surprised if more worms were released which exploited this security hole in Microsoft's software."
Such worms have caused a lot of problems in the past for Windows users. The Sasser worm that circulated in 2004 caused problems on thousands of computers and cost millions of dollars of business productivity around the world.
---
Tag: Microsoft
Add to  Del.icio.us |  Digg |  Yahoo! My Web |  Furl
Get all the updates in RSS: 
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
