ZoTob Worm Alert for Windows Users
The following announcement is made by SCS Computing Facilities:
There is a new Internet Worm making the rounds, called ZoTob. The worm uses an exploit for the vulnerability patched by MS05-039 (KB899588). Vulnerability within the Plug and Play service in Windows can allow a remote attacker to run arbitrary code and take over the system.
You need to protect your computer from this Worm by running Windows Update and patching your system. If you see the update icon in the taskbar (yellow shield with an exclamation point inside it on Windows XP SP2, Globe in Windows 2000 and Windows XP SP1), click on it to install the updates or go to http://windowsupdate.microsoft.com
You must reboot for the patches to take effect.
After running the updates, the patch installation can be verified by :
- Open Control Panel
- Open Add / Remove Programs
- If using windows XP, Service Pack 2, click the "Show Updates" check box
- Scroll down and look for one of the following:
- Updates with a date of 8/10/2005
- "Security Update for Windows XP (KB899588)" or "Security Update for Windows 2000 (KB899588)"
After running and verifying the Windows updates, please verify / update your Symantec Anti-Virus definitions.
The most recent Symantec definitions that will detect this threat are:
8/14/2005 rev. 16
If a date OLDER than that above is listed, open the Symantec Anti-Virus console (shield with a cross in it) and click the LiveUpdate Button to begin the update wizard.
Please contact the SCS Help Desk at x8-4231 or send mail to
firstname.lastname@example.org with any questions or concerns.
Thank you for your attention,
SCS Help Desk