Security news
Security news16 December 2005
Dasher-B worm exploits Microsoft security vulnerability on Windows 2000 computers
 |
| Microsoft described the vulnerability as critical in October 2005. |
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned computer users about a new worm which exploits a recently discovered critical security vulnerability in Microsoft's software. Sophos is advising users to ensure their anti-virus protection and security patches are up-to-date to protect against attacks.
The W32/Dasher-B worm exploits a vulnerability in Microsoft Windows Distributed Transaction Coordinator (MSDTC) first announced by Microsoft in October. The worm opens a backdoor on vulnerable computers and causes them to connect to a remote server for further instructions. Windows 2000 computers which have not been patched are most at risk from the worm.
"The Dasher worm wouldn't be able to spread at all if the security vulnerability in Microsoft's software didn't exist. It's important that all companies have a mechanism for rolling out security patches, as well as for automatically updating their anti-virus software," said Graham Cluley, senior technology consultant for Sophos. "Microsoft will be fuming that a virus writer is successfully exploiting another vulnerability in their operating system."
Sophos noted in October, however, that some users were reported to have experienced difficulties with the fix. Microsoft has published information about the problem on its website.
"The worry is that the problems with the patch may have prevented it from being successfully rolled out onto some vulnerable computers," continued Cluley.
Malware downloading further malicious code from the internet
It is becoming increasingly common for malware to include the functionality to download further malicious code from the internet. The Sophos Security Threat Management Report 2005 reveals that over 40% of all new malware is programmed to download code from the web, which can steal information, log keystrokes, disable security software or give remote hackers access to the infected computer.
Download "Sophos Security Threat Management Report 2005" 
Sophos recommends companies protect their email with a consolidated solution to thwart the virus and spam threats and secure their desktops and servers with automatically updated anti-virus protection, the latest security patches, and properly configured firewalls.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
