Worms are exploiting a critical security flaw in
Microsoft’s Windows operating system, security experts have
warned.
Security firm Sophos warned that the Cuebot-L and Cuebot-M worms
are exploiting a critical vulnerability outlined in Microsoft’s
MS06-040 security bulletin.
The worms are spread via AOL’s instant messenger and once they
have infected a PC they switch off the Windows firewall and open a
backdoor that lets hackers gain access and control over the
machine.
Microsoft issued a security patch for the vulnerability last
week and Sophos urged businesses to patch their systems speedily.
Senior security consultant Carole Theriault warned, “Many Windows
computers probably remain unpatched and vulnerable to these
threats.”
She added, “Microsoft is once again in the difficult situation
of trying to convince its customers that Windows is becoming more
secure, despite this onslaught of malware designed to exploit its
vulnerabilities.”
The advice follows warnings from other security experts that the
flaw described in the MS06-040 bulletin is particularly easy to
exploit.
Earlier this week, the US Homeland Security department joined
the chorus, urging Windows users to “avoid delay” in applying the
security patch. “This vulnerability could impact government
systems, private industry and critical infrastructure, as well as
individual and home users,” it warned.
Vote for your IT greats
Who have been the most influential people in IT in the past 40
years? The greatest organisations? The best hardware and software
technologies? As part of Computer Weekly’s 40th anniversary
celebrations, we are asking our readers who and what has really
made a difference?
Vote now at:
www.computerweekly.com/ITgreats