A number of damaging worms are targeting corporate networks worldwide, with major news outlets CNN, ABC News, the New York Times and the Financial Times in London among the most prominent victims so far.
Variants of the Zotob worm which first started affecting computers at the beginning of the week, and other newer worms are responsible for the attacks, which are aimed at Microsoft’s ageing Windows 2000 operating system.
The worms take advantage of a security hole in the operating system’s Plug and Play feature. The flaw in the OS was patched by Microsoft last week but it has taken hackers less than a week to distribute code that can take advantage of the flaw.
An affected computer becomes inoperable as a result of continually re-booting. The Financial Times carried a notice on its front page this morning (17 August) apologising for any errors that were the result of a virus that “disrupted production”.
It is not yet clear whether the infections at the news outlets affected were a result of remote attacks on the networks, or whether staff brought in infected laptops used at media events and infected their network after logging in.
The Microsoft patch should protect users from the worms currently circulating, but many firms need to test patches before installing them company-wide installation.