Worm targets Gates with e-mail bomb

An e-mail worm that targets systems running Microsoft Corp.’s Internet Information Services (IIS) enlists infected machines in what appears to be a hacker’s vendetta against Microsoft Corp.

The worm, called DoS.Storm.Worm, seeks out and infects IIS systems that have not applied the proper security patches, said Vincent Weafer, director of Symantec Corp.’s Antivirus Research Center (SARC). Microsoft supplied patches for the problem in August of last year, but some companies apparently have not updated their systems with the fix.

The worm’s payload carries out a DoS (denial-of-service) attack on Microsoft’s Web site, and initiates an e-mail bombing session that sends obscene e-mail messages to gates@microsoft.com. Symantec was unsure whether Microsoft actually owns the e-mail address.

The worm follows the same pattern of several malicious programs that circulated this year. Hackers may just be looking for older bugs and exploiting users who didn’t install the patches to protect against them, Weafer said.

While the worm can prove troublesome, only a small number of companies are likely to be affected, Weafer said.

“I don’t believe this will be a significant threat,” he said.

Symantec said the DoS.Storm.Worm could cause a “medium” level of damage, in particular seriously degrading network performance by generating a flood of messages. But the number of current infections is low, and the worm can be easily contained, the company said. It said it hadn’t figured out yet where the worm originated or who is responsible for it.

To protect against the worm, users of Microsoft Internet Information Server 4.0 and Internet Information Services 5.0 should install a security patch to cover the “Web Server Folder Traversal” security vulnerability. The update can be downloaded at http://www.microsoft.com/WINDOWS2000/downloads/critical/q269862/default.asp/.

Symantec Canada, in Toronto, can be reached at

http://www.symantec.ca.

The worm alert can be found at http://www.symantec.ca/avcenter/venc/data/dos.storm.worm.html.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now