News

Unpatched Systems at Risk From Worm, Microsoft Says

Microsoft is seeing an increase in the number of malware attacks exploiting a security hole supposedly addressed by a recent patch.

Microsoft is seeing an increase in the number of malware attacks exploiting a security hole supposedly addressed by a recent patch, the company announced on Wednesday.

The problem stems from a worm dubbed "Win32/Conficker.A." The worm will "propagate on random computers" in an affected Windows-based network, according to Microsoft.

"Recently we've received a string of reports from customers that have yet to apply the update and are infected by malware," said Microsoft Security Response Center spokesman Bill Sisk in an e-mail. "These most recent reports have a common malware family and we urge people who haven't patched their systems to patch them immediately or as soon as possible."

Redmond's concerns had prompted the company to issue an out of band patch to address the problem in late October.

The security hole, and Microsoft's related hotfix, centers on remote procedure call (RPC) technology, which allows subroutine code to execute on other computers in a shared network. What's unique about this RPC vulnerability is that subroutines can be executed without programmer interference. It allows an almost automatic remote interaction between CPUs in a shared processing environment.

One security expert maintained that there is little to be concerned about, that is, unless your system is unpatched.

Randy Abrams, director of technical education at security firm ESET, said that although the vulnerability is bad "there are several mitigations, including disabling file and print sharing, which is generally a baseline sane practice."

Abrams also suggest that the proper use of firewalls wouldn't hurt either.

"The real threat is not worms," he said. "Worms are only automation and they tend to make a lot of noise. Any vulnerability that a worm can exploit can also be exploited by a Trojan, or manually by a skilled hacker. The hacker is far more likely to go undetected and capable of causing far greater harm."

This type of client-side bug is a textbook example why defense-in-depth security practices should be followed by IT pros and individual users alike.

Microsoft offers further details on the specific threats and workarounds in this link.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • MIT Finds Only 1 in 20 AI Investments Translate into ROI

    Despite pouring billions into generative AI technologies, 95 percent of businesses have yet to see any measurable return on investment.

  • Report: Cost, Sustainability Drive DaaS Adoption Beyond Remote Work

    Gartner's 2025 Magic Quadrant for Desktop as a Service reveals that while secure remote access remains a key driver of DaaS adoption, a growing number of deployments now focus on broader efficiency goals.

  • Windows 365 Reserve, Microsoft's Cloud PC Rental Service, Hits Preview

    Microsoft has launched a limited public preview of its new "Windows 365 Reserve" service, which lets organizations rent cloud PC instances in the event their Windows devices are stolen, lost or damaged.

  • Hands-On AI Skills Now Outshine Certs in Salary Stakes

    For AI-related roles, employers are prioritizing verifiable, hands-on abilities over framed certificates -- and they're paying a premium for it.