» Home     » How To…   » Site Map   » Contact Us 
 Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 
Advanced search tips 
Your location: Home > News archives > ZoTob Worm Alert for Windows Users
 Documentation
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Mac support 
 » Linux support 
 » Windows PC support 

ZoTob Worm Alert for Windows Users

The following announcement is made by SCS Computing Facilities:

There is a new Internet Worm making the rounds, called ZoTob. The worm uses an exploit for the vulnerability patched by MS05-039 (KB899588). Vulnerability within the Plug and Play service in Windows can allow a remote attacker to run arbitrary code and take over the system.

You need to protect your computer from this Worm by running Windows Update and patching your system. If you see the update icon in the taskbar (yellow shield with an exclamation point inside it on Windows XP SP2, Globe in Windows 2000 and Windows XP SP1), click on it to install the updates or go to http://windowsupdate.microsoft.com

IMPORTANT

You must reboot for the patches to take effect.

After running the updates, the patch installation can be verified by :

  • Open Control Panel
  • Open Add / Remove Programs
  • If using windows XP, Service Pack 2, click the "Show Updates" check box
  • Scroll down and look for one of the following:
    • Updates with a date of 8/10/2005
    • "Security Update for Windows XP (KB899588)" or "Security Update for Windows 2000 (KB899588)"

After running and verifying the Windows updates, please verify / update your Symantec Anti-Virus definitions.

The most recent Symantec definitions that will detect this threat are:

8/14/2005 rev. 16

If a date OLDER than that above is listed, open the Symantec Anti-Virus console (shield with a cross in it) and click the LiveUpdate Button to begin the update wizard.

Please contact the SCS Help Desk at x8-4231 or send mail to

help+@cs.cmu.edu with any questions or concerns.

Thank you for your attention,

SCS Help Desk




 This site is maintained by SCS Computing Facilities; send comments to help@cs.cmu.edu.
 Accessibility information  © Carnegie Mellon School of Computer Science