Maker tech hub — AI · 3D print · Pi · ESP32 · plus the classic tech archive.

Free ESP32 kit · Books · Network Ninja · Archive

Classic tech archive. From the original averyjparker.com tech blog — historical context; pair with modern guides where noted. Full archive · Maker projects · Network Ninja

Classic tip · Classic

Zotob Worm

According to The Sans handlers diary, a worm exploiting one of the security vulnerabilities disclosed last week by Microsoft, is in the wild and spreading. The worm tagged as zotob.a exploits the ms0…

Written by

Avery J. Parker

IT veteran, maker educator, and author of Network Ninja, 3D Printing Mastery, and AI Workflow Mastery. Business IT: Diversified Tech Solutions.

According to The Sans handlers diary, a worm exploiting one of the security vulnerabilities disclosed last week by Microsoft, is in the wild and spreading. The worm tagged as zotob.a exploits the ms05-039 vulnerability. (Sans reminds us that ms02-039 was the vuln. targetted by the slammer worm. Interesting coincidence.)

They are still at infocon yellow. (Note the infocon graphic at the bottom of each page.)


The moral of the story, again, is to make sure you've installed the patches on your systems. This is said not to affect Windows XP sp2 or windows server 2003, due to malformed username/password combination. Of course, virii are frequently modified and improved so I would hesitate to be comfortable. Windows update to make sure you're protected.

The securityfix has this too.