By Reed Stevenson
Several new computer worms were being blamed for causing computer
system outages at some media outlets and companies in the United
States on Tuesday.
The worms, including two called "IRCBOT.WORM" and "RBOT.CBQ," exploit
a recently discovered flaw in Microsoft Corp.'s Windows 2000 operating
system and were causing personal computers at more than 100 U.S.
companies to restart repeatedly and potentially exposed them to
attackers who could take control of a system.
"This is the most significant threat we've seen in at least 12
months," said Vincent Gullotto, vice president of the anti-virus
emergency response team at McAfee Inc.
But Symantec Corp. and McAfee, the top two computer security
companies, as well as Microsoft, said that damage to computer systems
on Tuesday was limited and was not likely to cause widespread havoc
like other malicious software programs such as SQL Slammer and MyDoom.
CNN, breaking into regular programming, reported on air that personal
computers at the cable news network were affected by a worm that
caused them to restart repeatedly.
The New York Times and ABC News also reported system outages earlier
on Tuesday, causing some to suspect that another recent worm called
"Zotob" was behind Tuesday's outages.
Gullotto said, however, that the newly discovered worms were different
from Zotob, even though they all, including Zotob, appeared to exploit
the same vulnerability in the "Plug-and-Play" feature in Windows 2000,
which runs on less than half of the world's personal computers.
Microsoft, which warned users last week of three newly found
"critical" security flaws in its software, urged users to update the
software on their personal computers to prevent them from being
Microsoft said users with properly updated software, anti-virus
software and a firewall can avoid being infected by the worm, a
malicious software program that replicates itself over a computer
The new "IRCBOT.WORM" and "RBOT.CBQ" worms were different in that they
could be controlled by IRC servers, or networked computers that manage
chat sessions over the Internet, other security experts said.
"We haven't seen any huge uptick or impact today," said a spokeswoman
with Microsoft's security unit, "a fairly small number of customers
are being impacted."
Symantec said that it has heard from at least 100 organizations that a
group of about eight viruses were targeting individual organizations
and was not the Internet as a whole.
"This is not across the Internet but inside organizations," said David
Cole, a product management director at Symantec.
CNN , a division of Time Warner Inc., said that computer systems at
General Electric Co., United Parcel Service Inc. and Caterpillar Inc.
were affected by system outages as well.
A GE spokesman said that there appeared to be no problems with GE's
internal network, while UPS said that only a small number of its
computers were affected by a worm or system outage.
"There is no impact whatsoever on operations, customer-facing computer
systems, service or delivery," said UPS spokesman Norman Black.
Caterpillar officials were not immediately available for comment.
ABC is a division of Walt Disney Co.=20
Copyright 2005 Reuters Limited.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new