- 3,823
Home PCs at most risk from Nimda
Antivirus experts say that most businesses now have a handle on blocking Nimda infections. It's home users-and their lax security protection--that have them worried.
By Robert Lemos, ZDNet News
As antivirus experts complete a more detailed analysis of the Nimda worm and companies clean up their networks on Wednesday, several security groups are worried that home computer users will not secure their PCs.
A coalition of government security officials and antivirus software industry experts released a warning to home computer users on Wednesday morning to take Nimda--and the security of their computer systems--seriously.
Nimda--which is "admin," the shortened form of "system administrator," spelled backwards--started spreading early Tuesday morning and quickly infected PCs and servers across the Internet. Also known as Readme.exe and W32.Nimda, the worm is the first to use four different methods to infect not only only PCs running Windows 95, Windows 98, Windows Me and Windows 2000, but servers running Windows 2000 as well.
The worm spreads by e-mailing itself as an attachment, scanning for--and then infecting--vulnerable Web servers running Microsoft's Internet Information Server software, copying itself to shared disk drives on networks, and appending Javascript code to Web pages that will download the worm to Web surfers' PCs when they view the page.
The e-mail attachment will open automatically under Microsoft's Outlook e-mail program if the program's security settings are at "low" and a security patch has not been installed. On PCs that don't use Outlook, the worm can still spread using its own e-mail engine, but it won't execute automatically.
Antivirus experts say that most businesses now have a handle on blocking Nimda infections. It's home users-and their lax security protection--that have them worried.
By Robert Lemos, ZDNet News
As antivirus experts complete a more detailed analysis of the Nimda worm and companies clean up their networks on Wednesday, several security groups are worried that home computer users will not secure their PCs.
A coalition of government security officials and antivirus software industry experts released a warning to home computer users on Wednesday morning to take Nimda--and the security of their computer systems--seriously.
Nimda--which is "admin," the shortened form of "system administrator," spelled backwards--started spreading early Tuesday morning and quickly infected PCs and servers across the Internet. Also known as Readme.exe and W32.Nimda, the worm is the first to use four different methods to infect not only only PCs running Windows 95, Windows 98, Windows Me and Windows 2000, but servers running Windows 2000 as well.
The worm spreads by e-mailing itself as an attachment, scanning for--and then infecting--vulnerable Web servers running Microsoft's Internet Information Server software, copying itself to shared disk drives on networks, and appending Javascript code to Web pages that will download the worm to Web surfers' PCs when they view the page.
The e-mail attachment will open automatically under Microsoft's Outlook e-mail program if the program's security settings are at "low" and a security patch has not been installed. On PCs that don't use Outlook, the worm can still spread using its own e-mail engine, but it won't execute automatically.