Worm feeds off Microsoft vulnerability
Security companies have discovered a new worm that poses as a critical software patch from Microsoft, merely hours after Microsoft announced a serious hole in the security of its Windows operating system.
The worm, which appears in several guises, including W32/Fakerr@mm, alters system settings on Windows machines and attempts to wreak general havoc by trying to delete system files.
Though incidents of infection are low, the fact that the worm appears to come from Microsoft, carrying the heading "Microsoft Windows Critical Update," could yet give it some legs. Users looking to patch their system to protect against the vulnerability should do so by visiting the Microsoft website http://windowsupdate.microsoft.com and downloading the patch from there.
The Windows vulnerability itself is significant because an attacker does not need any prior authentication to exploit it. The attacker only needs to be able to connect to TCP port 135 on a vulnerable system. Once the vulnerability has been exploited, the attacker will have full access to the targeted system.
Due to the severity of the vulnerability and the importance of installing the security patch, security software vendor Symantec has raised its DeepSight ThreatCon level from 1 to 2.