The Zotob worm

Posted by: ST on August 17, 2005 at 8:40 pm

What you should know:

Zotob is a worm that targets Windows 2000–based computers and takes advantage of a security issue that was addressed by Microsoft Security Bulletin MS05-039. This worm and its variants install malicious software, and then search for other computers to infect.

If you’re unsure of whether or not you have this security update, the best thing to do is scroll down on the page I linked to above, and run the Microsoft Windows Malicious Software Removal Tool to make sure you’re computer doesn’t have any variant of this worm.

Once you run the scan, you’ll see a list on your screen alerting you as to the results. If your computer comes up clean, go to this page and download Microsoft Security Bulletin MS05-039 (if you don’t have it already). There is a list of links on that page for the Microsoft Windows software that this worm could affect.

As Michael King notes, this worm presents a very serious security threat to your computer:

A new and particularly virulent variety of the Zotob virus has affected computers running the Microsoft Windows 2000 operating system this afternoon.

According to broadcast reports, this is the fastest propagating virus in history. CNN says that their computers in New York and Atlanta are affected, as are computers used by other media organizations, including The New York Times and ABC News.

Systems affected by this virus will shut down with no warning, and in other cases, prohibit systems from booting.

I’ve run scans on both my laptop and desktop and made sure that security update was on them both. I encourage anyone reading this to do the same.

RSS feed for comments on this post.

3 Responses to “The Zotob worm”


  1. Mark C says:

    I am responsible for the security at my employer and I can tell you this has not affected us. I would like to take exception with “the fastest propagating worm in history”. How are they measuring “fastest” – the most people? Hardly. the most widely distributed, again everything about equal. Microsoft still says this is propagating “slowly” because it can only affect perhaps 20% of the computers out there (if they are unpatched).

    I suspect it’s so “henious” a worm because it attacked major news organizations. When you get ABC and CNN inconvenienced, you’ll get called names.

  2. Hi Mark – as far as I know, none of the offices for the company I work for were affected, either. I’m not sure how this was supposedly the fastest spreading worm in history, considering what I read from this story.

    Typical overhype for the media, perhaps?

  3. Craig Lueschow says:

    I do it one better. I am impervious to worms, trojans, and viruses. I use linux. 😀