[August 17, 2005] IMlogic Threat Center Reports IM Accelerating the Propagation of Zotob and IRCbot Worms Causing Widespread Infection of Windows Machines; offers immediate guidelines for protection Tweet --(Business Wire)-- IMlogic-- WHAT: Industry leader IMlogic (www.imlogic.com) is warning customers that Zotob and IRCbot worms are using instant messaging technology to wreak havoc on infected machines taking advantage of a Windows 2000, XP and Server 2003 vulnerability. The vulnerability is caused by a flaw in the Windows operating system which allows hackers to exploit the "plug and play" capability of the Windows system. The vulnerability can be exploited by an infected machine creating a denial of service attack on other vulnerable machines. By leveraging a chat channel, the initiating hacker gains access to a host machine, leveraging it to attack other networked machines. Once successfully executed, the vulnerability allows a hacker to impact a number of systems, including stealing system info or the most damaging impact of forcing an infected computer into a continual reboot. To learn more about the Zotob and IRCbot worms visit the IMlogic IM and P2P Threat Center at: http://www.imlogic.com/im_threat_center/index.asp Initially rated a "low" risk by most security industry threat centers, the rapid propagation of the Zotob and IRCbot worms motivated most providers to increase the risk level. The worm appears to lay quiet on an infected machine until prompted into action by the hacker. The messaging channel opened up by the worm appears to await direction prior to disrupting system activity or propagating itself on the network. IMlogic automatically protects customers against emerging IM threats by providing automatic security policy updates to IMlogic IM Manager from the IMlogic Threat Center, the industry's first and leading IM & P2P threat center. IMlogic also recommends organizations protect themselves by ensuring all desktop antivirus solutions are updated, the latest security patches have been applied to all desktop systems, and that all out of date IM clients have been blocked from accessing the relevant IM networks. Organizations should also leverage their current firewall security products to block unwanted peer-to-peer and chat technologies. WHO: Experts from the IMlogic Threat Center can speak with technology and business reporters, industry analysts, enterprises, partners or anyone concerned about the impact of this threat. IMlogic can also offer commentary involving increased risk from IM worms, viruses and other security threats related to the growing popularity of IM use within enterprise. MORE INFO: Learn more at IMlogic's Threat Center: http://www.imlogic.com/im_threat_center/index.asp. Disclaimer The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. IMlogic, IMlogic products and IMlogic IM Manager are trademarks of IMlogic Corporation and/or affiliated companies in the United States and other countries. All other registered and unregistered trademarks represented in this document are the sole property of their respective companies/owners. [ Back To TMCnet.com's Homepage ]