Select Page

I’m sitting in the airport in Denver – watching CNN and reading my mail. Simultaneously I get an email alert from my IDS showing a lot of unusual activity, also a Microsoft PR person is on CNN describing the impact of the latest worm.

This from SANS:

Another PnP Worm: W32.Zotob.E

CNN is reporting a worm outbreak which is affecting their network, ABCNews, NYTimes, as well as Capitol Hill. All statements so far make this look like a Zotob variant…

Symantec just released info on the W32.Zotob.E worm here.

Trend Micro is also released this: WORM_RBOT.CBQ

This is an exploit of a known vulnerability, and the patch is available from microsoft here: Microsoft Security Bulletin MS05-039

Interesting – firewall, IDS, host-based hardening – all seems to work for many people. Good practice leads to safe computing.