If you use Microsoft products but don’t download security updates every month, you might want to think twice. A worm
Zotob.B has been identified as a low-risk threat by security firm Trend Micro, but if the user is infected with the worm, the damage and infection rate could spell trouble for Internet users.
It’s the second variant of the plug-and-play vulnerability under the Zotob name. Zotob.A is similar to Zotob.B in that it infects and replicates itself, but uses a file called “BOTZOR.exe” in the Windows systems directory. It, too, was discovered over the weekend.
The bug exploits a vulnerability in Microsoft’s plug-and-play code found in Windows 98/ME/NT/2000/XP/Server 2003. The Redmond, Wash.-based software giant released a patch for the vulnerability Tuesday as part of its monthly security patch update.
The worm installs a program called “CSM.exe” inside a user’s Windows systems folder, where it then initiates an FTP
The exploit can also open a backdoor
Trend Micro’s World Virus Tracking Center started seeing spikes of infected computers Monday morning, though the spread seems limited to under 1,000 computers at present and only to computers in North America and Denmark.
The security firm has removal instructions for users who have been infected with the worm.