A fast-spreading Internet worm is infecting thousands of computers worldwide today, causing headaches for business and home users running the Microsoft Windows operating system. The worm, which was detected Monday, takes advantage of a vulnerability discovered three weeks ago that affects nearly all recent versions of Windows. Once a computer is infected, the worm installs instructions for attacking the Microsoft Update Web site — the same site that users are encouraged to go to for downloading patches that would protect their systems from this worm and others. The worm then scans the Internet for other vulnerable computers. “We’re talking on the order of potentially hundreds of thousands of machines hit with this already,” said Jeff Havrilla, an Internet security analyst at the CERT Coordination Center, a government-funded security watchdog group at Carnegie Mellon University in Pittsburgh. “The infection rate is still climbing, so this is far from over.” The “Blaster” worm, also known as the “LovSan” worm, instructs infected computers to assault the Microsoft Update servers continuously after 12 a.m., August 16. Such an attack, launched by thousands of computers with high-speed connections, would prevent users from being able to reach the service, experts said. The worm is instructed to continue doing this until December 31, 2003, after which it will attack the update site on the 16th of every month. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.