This past Tuesday, Microsoft released six new updates for Windows, including one for Plug ‘N’ Play (PnP) that affects Windows 2000 users along with Windows XP SP1/SP2 users and Windows Server 2003 users. Originally, the vulnerability was thought to only be a ‘local’ issue (meaning you had to be physically at the computer in order to exploit this).
Shortly after that, an expoit code was released that showed how to use this vulnerability to attack computers remotely (via local networks or the internet). It wouldn’t be (and in reality wasn’t very) long before a virus came out using the exploit code. In fact, on Friday night, Zotob was named.
Because of the release of this worm into the wild (the internet), the Internet Security Alert status was raised to Yellow. Yellow means there is a threat that, while it won’t disrupt the internet as a whole, will dramatically affect some portions. More information on the “InfoCon” and meaning of the alert status can be found at http://isc.sans.org/infocon.php.
You will also be able to click on the link below to access the SANS Internet Storm Center.
So, if you haven’t already done so, you need to patch your Windows Computers. Even though this issue isn’t as effective on Windows XP SP2 or Windows Server 2003, you really need to patch for it anyhow. Because sooner or later, somebody will figure out how to attack those machines as well.
You can update your computers via Automatic Updates (recommended for Windows 2000/XP/2003 users) or going to Windows Update (http://windowsupdate.microsoft.com or http://update.microsoft.com). Be warned though that Microsoft has implemented their Genuine Advantage Program (Validation Tool) so, if you’re running a pirated copy or a crack serial code, it may not work. If that’s the situation you find yourself in, I strongly suggest that you purchase a valid copy from either an online store, or your local computer store (or Wal-Mart).