There’s a nasty worm making the rounds right now. It was reported yesterday afternoon that the worm “Worm:Win32/Zotob.A” is currently circulating. It’s taking advantage of a Windows Plug and Play vulnerability in Windows 2000, which was addressed in MS05–039 (one of the ones that came out last week).
This worm does not affect Windows XP (SP2) or Windows Server 2003. But if haven’t updated your system yet, now would be a really good time to do it. And if you’re running Windows 2000 and haven’t patched it yet, DO IT NOW!
Some more details:
- If you believe you have been attacked, please contact your local FBI office or post your complaint on the Internet Fraud Complaint Center Web site. If you’re outside the U.S., you should contact the national law enforcement agency in your country.
- If you are in the U.S. or Canada and you believe you may have been affected by this possible vulnerability, you can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support that is associated with security update issues or viruses. Outside of North America you can receive support by using any of the methods that are listed at Security Help and Support for Home Users Web site.
So – Are any of you feeling the effects of this? Or have you already rolled out the patches? I’m interested in hearing what those of you supporting Windows 2000 are using in your environments for patch management. Maybe you can share some of your “best practices” here.