Advertisement
Promo

Security threats Toolkit

Dasher worm threatens Windows users

Dawn Kawamoto CNET News

Published: 19 Dec 2005 10:45 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A Windows-targeted worm that drops spying software on vulnerable PCs is spreading across the Internet, security experts have warned.

The Dasher.B worm exploits a flaw in Microsoft Windows Distributed Transaction Coordinator, or MDTC, security companies said on Friday. Microsoft announced and patched the hole in the component for transaction processing in October. However, initial glitches with the update may have left some users without a properly implemented fix, Sophos said.

"The worry is that the problems with the patch may have prevented it from being successfully rolled out onto some vulnerable computers," Graham Cluley, senior technology consultant at the security company, said in a statement.

Cluley noted that computers running Windows 2000 and those that have not been updated with MS05-051 face the greatest risk.

Dasher.B is a network worm that has the potential to open a back door on computers with the MSDTC flaw, security experts said. The infected systems are then prompted to connect to a remote computer for instructions. Once connected, it downloads a malicious program that tracks keystrokes.

"This new worm aims (to) install software that tries to infect other vulnerable systems, and that also can be used to log keystrokes and turn the computer into a remotely controlled 'bot' system," James Rendell, a technical product manager at Internet Security Systems, said in a statement.

A third version of the worm emerged on Friday: Dasher.C, which almost looks identical to Dasher.B, said Oliver Friedrichs, senior manager at Symantec's Security Response Center.

Three versions of Dasher — B, C and A, which emerged earlier this week — have infected at least 3,000 systems worldwide, Friedrichs said, noting the growth rate of the infection has since levelled off.

Security experts at Internet Security Systems expressed concern about the new worm and warned users to be vigilant.

The United Kingdom's computer emergency response team also issued an advisory Friday on Dasher.B, citing an update from the Australian CERT.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
66 out of 148 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

1 comment

  1. Yet one more good reason to switch to stable, secu... Oldator

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:










Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters