Read up on the latest ideas and technologies from companies that sell hardware, software and services. Solve Exchange Storage Problems Once and For All: A New Approach without Stubs or Links
Strategies for Eliminating .PST Files
Cutting printer costs
Web Security SaaS: The Next Generation of Web Security
Solve Exchange Mailbox Storage Issues Once and for All
Email Archiving 101—Customer Case Study
Best Practice in Building an Integrated Information Management Strategy
Vendor Influence Curves And How You Can Get The Best Value Out Of Your Network
Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
Antivirus software companies are warning customers about a new email worm that targets unpatched Microsoft Windows machines with either of two recently disclosed software vulnerabilities.
The new worm, known as both Plexus and Explet.A, was first detected last Wednesday and spreads by exploiting Windows machines with vulnerabilities used by two recent worms, Sasser and Blaster, according to alerts.
Network Associates' McAfee Antivirus Emergency Response Team and Symantec both said the new worm did not pose a serious threat, but issued software updates on Thursday to detect it.
Like Sasser, Plexus can exploit the recently disclosed hole in the Windows component called Local Security Authority Subsystem Service (LSASS) which Microsoft patched in April. Like the Blaster worm that appeared in August 2003, Plexus can also crawl through a hole in a Windows component called the Distributed Component Object Model (DCOM) interface, which handles messages sent using the RPC (remote procedure call) protocol. (See http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx and http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx.)
Plexus spreads in files attached to email messages with faked sender addresses and vague subjects such as "RE: order", "For you" and "Good offer". When users open the virus file, the worm is launched and alters the configuration of Windows so that the worm program runs each time Windows starts. It also scans the hard drive of infected computers, harvesting email addresses from a variety of files, including stored Web pages written in Hypertext Markup Language.
The worm then uses those email addresses to target other users, sending out a flood of messages using a built-in Simple Mail Transfer Protocol (SMTP) engine. It is also able to spread to other computers on a network using shared folders and the copies itself to the shared folder file on the KaZaa peer-to-peer network using a variety of file names, including Shrek_2.exe, playing on the popularity of the recently released animated film.
Antivirus companies recommended that Windows users who have not done so already apply software patches for the LSASS and DCOM and update their antivirus software to spot Plexus.
Computerworld Member Login
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
F-Secure achieves excellent results in Internet security suite comparison 2008-10-10 14:37:00+10
M2M Connectivity announces the new Sierra Wireless MC8792V embedded module for 900 MHz 3G/HSPA networks 2008-10-10 08:51:00+10
Pitney Bowes MapInfo Launches New Version of AnySite 2008-10-10 05:58:00+10
IOGEAR Gears Up in Australia 2008-10-09 20:18:00+10
Internet Service Providers offer new unlimited Online Backup from F-Secure 2008-10-09 19:42:00+10
Enterprise Wireless WLAN Security
Learn more about the security challenges to be faced when defining and implementing security mechanisms within diverse wired and wireless network environments. Download this must-read guide to plan your wireless data protection strategy now.
