Worm Burrows Into Network Flaw

GENERIC Computer Worm, Virus, Internet, Network
A computer worm targeting corporate networks with the Windows 2000 operating system arrived less than a week after Microsoft Corp. warned of the security flaw.

As experts predicted, the Windows hole proved a tempting target for rogue programmers, who quickly developed more effective variants on a worm that surfaced over the weekend and had snarled computers at several large companies by Tuesday.

Among companies affected were ABC, CNN, The Associated Press, The New York Times and Caterpillar Inc. In California, San Diego County said it needed to cleanse 12,000 computers of the bug. The Wall Street Journal reported that ABC news producers had to use electric typewriters Tuesday to prepare copy for their "World News Tonight" broadcast.

The worm is causing the most problems at companies with large, networked computer systems, rather than among individual computer users, David Perry, a security analyst at Trend Micro Inc., a computer security company, said Tuesday.

"Although this worm hasn't infected as many computers as some previous worms, there is a danger it could continue to spread, especially if worm writers continue to release new variations," said Technology Consultant Larry Magid.

Microsoft Corp. released a "critical" patch Aug. 9 for the vulnerability, which is most severe on Windows 2000 systems. Those computers can be accessed remotely through the operating system's "Plug and Play" hardware detection feature. Protective patches, plus instructions for remedying infected systems, are posted on Microsoft's Web site.

"The worm can open up a back door in your computer, making you vulnerable to an intruder," said Magid. "Not only can your security be jeopardized, but your computer can be turned into a zombie being used to infect other computers or even to send out spam."

The current batch of viruses and worms all have something in common, says Trend Micro spokesman David Perry, in an interview with's Larry Magid. Click here to listen to the interview.

Companies that were slow to bolster their systems when Microsoft issued its security alert about the flaw may have left themselves vulnerable to the worm, said David Maynor, a security researcher with Atlanta-based Internet Security Systems Inc.