 |
 |
|
 |
|
|||
|
|||
|
|||
|
|
Worm was to move at 1 a.m. EDT Friday'Nimda' appears quiet after 10-day 'sleep'
By Deborah Radcliff (IDG) -- In a bulletin issued at 3:16 p.m. Friday, Symantec's "security response" program indicated that little meaningful trouble was being made by the "Nimda" worm as it ended its 10-day dormant stage. "Symantec has not seen any significant increase in activity due to the re-activation of the e-mailing routine after its initial 10 day sleep period," the statement read, in reference to w32.Nimda.A, although researchers had discovered a third vector to the worm. It had been set to propagate again through e-mail at 1:00 a.m. EDT Friday. "We rechecked the code base to Nimda, and we found a code set that is supposed to respread Nimda through e-mail systems starting 10 days after machines were first infected," said Oliver Friedrichs, director of engineering at the Attack Registry and Intelligence Service. That service is sponsored by SecurityFocus, a business security firm in San Mateo, California. Ten days after first infecting machines, the worm was expected to attempt to respread itself through readme.exe attachments, with the same payload as its original mail-based infection.
The impact could have been significant, depending on how well the IT community cleaned systems and patched Microsoft Corp. Internet Information Server (IIS) and Outlook programs. The 10-day vector was anticipated as being likely less severe than Nimda was the first time because more systems have been patched against the vulnerabilities, Friedrichs said. But because Nimda has spread itself to so many places on computers, networked systems may not have been cleaned enough to prevent widespread mailings of the virus. Therefore, Friedrichs had advised IT managers to do the following:
|
|
|
||||||||||||||||||||||||
| ||||||||||||||||||||||||||||
|
RELATED STORIES:
• Nimda needs harsh disinfectant
September 26, 2001 • Nimda worm picks up pace in Europe September 21, 2001 • Nimda worm is tough, but patches are available September 21, 2001 • Aggressive new worm threatens Web users September 18, 2001 RELATED IDG.net STORIES:
• Gartner to IS managers: Drop IIS
(InfoWorld.com) • Cleaning up Nimda a headache for tech staff (IDG.net) • Nimda worm hard to fight, but patches are available (Computerworld) • Network Associates releases solutions to combat Nimda worm (InfoWorld.com) • Viruses getting fast, clever, specialist says (Network World Fusion) • Nimda worm spreads three ways (Network World Fusion) • Maker of Kournikova virus stands trial (Network World Fusion) • Eliminate viruses fast (PCWorld.com) RELATED SITES:
• Attack Registry and Intelligence Service
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
TECHNOLOGY TOP STORIES:
• Report: SUVs pose danger to cars • New telemarketer tool trumps TeleZapper • Terra Lycos logs $2.2B loss • AOL to offer song downloads • Microsoft seeks fiscal fountain of youth (More) |
||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||
| Back to the top | |
© 2003 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved. Terms under which this service is provided to you. Read our privacy guidelines. Contact us. |
