|Microsoft described the vulnerability as critical
in October 2005.
Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have warned
computer users about a new worm which exploits a recently
discovered critical security vulnerability in Microsoft's software.
Sophos is advising users to ensure their anti-virus protection and
security patches are up-to-date to protect against attacks.
The W32/Dasher-B worm
exploits a vulnerability in Microsoft Windows Distributed
Transaction Coordinator (MSDTC) first announced by Microsoft in
October. The worm opens a backdoor on vulnerable computers and
causes them to connect to a remote server for further instructions.
Windows 2000 computers which have not been patched are most at risk
from the worm.
"The Dasher worm wouldn't be able to spread at all if the
security vulnerability in Microsoft's software didn't exist. It's
important that all companies have a mechanism for rolling out
security patches, as well as for automatically updating their
anti-virus software," said Graham Cluley, senior
technology consultant for Sophos. "Microsoft will be fuming that a
virus writer is successfully exploiting another vulnerability in
their operating system."
Sophos noted in
October, however, that some users were reported to have
experienced difficulties with the fix. Microsoft has published
information about the problem on its website.
"The worry is that the problems with the patch may have
prevented it from being successfully rolled out onto some
vulnerable computers," continued Cluley.
Malware downloading further malicious code from the
It is becoming increasingly common for malware to include the
functionality to download further malicious code from the internet.
Security Threat Management Report 2005 reveals that over 40% of
all new malware is programmed to download code from the web, which
can steal information, log keystrokes, disable security software or
give remote hackers access to the infected computer.
Sophos recommends companies protect their email with a consolidated solution to thwart the virus and spam
threats and secure their desktops and servers with automatically
updated anti-virus protection, the latest security patches, and
properly configured firewalls.