A number of damaging worms are targeting corporate
networks worldwide, with major news outlets CNN, ABC News, the New
York Times and the Financial Times in London among the most
prominent victims so far.
Variants of the Zotob worm which first started affecting
computers at the beginning of the week, and other newer worms are
responsible for the attacks, which are aimed at Microsoft’s ageing
Windows 2000 operating system.
The worms take advantage of a security hole in the operating
system’s Plug and Play feature. The flaw in the OS was patched by
Microsoft last week but it has taken hackers less than a week to
distribute code that can take advantage of the flaw.
An affected computer becomes inoperable as a result of
continually re-booting. The Financial Times carried a notice on its
front page this morning (17 August) apologising for any errors that
were the result of a virus that “disrupted production”.
It is not yet clear whether the infections at the news outlets
affected were a result of remote attacks on the networks, or
whether staff brought in infected laptops used at media events and
infected their network after logging in.
The Microsoft patch should protect users from the worms
currently circulating, but many firms need to test patches before
installing them company-wide installation.