A computer worm disrupted the networks of U.S media organizations today, but has had no visible impact upon major web sites. The worm, which uses a vulnerability in Windows PnP to target Windows 2000 machines, knocked computers offline at CNN, ABC News and the New York Times. The damage appears to be limited to internal corporate networks, as the web sites of the U.S. Fortune 100 show no unusual outages, including the 18 companies in the index hosted on Windows 2000. Likewise, Britain's FTSE 100, which has 36 sites running on Win2K, shows no suspicious performance problems either.
Working exploits for new Windows vulnerabilities began appearing on the Internet last Thursday, just two days after the security holes were outlined in Microsoft's monthly security advisory. Over the weekend the Zotob worm appeared, compromising unpatched Windows 2000 machines.
Security firms Trend Micro and F-Secure reported new malware variants exploiting the PnP hole, while contributors to the Full Disclosure mailing list reported a worm as well. "Likely this is an isolated event, which became newsworthy because CNN got infected," noted the Internet Storm Center. "We do not see any new threats at this point. Zotob keeps mutating and finding new victims. As seen with prior TCP worms, it is reaching its peak around 3 days after the outbreak."