Zotob Worm

[MrBishop]

Time to patch up boys and girls. I hear that it took down CNN for a bit...not nice!!

 

[MrBishop]

More good news

 

[HomeLAN]

I was listening to the CNN TV feed on the way home, and it was the funniest thing I heard today.

Watch my laptop shit itself off, Bob! Now look, I'll fire it back up and key in my login info - still plugged into the network, and lookie what it does!

I about pissed myself laughing.

 

[Luis G]

Behind NAT only forwarding 100 ports to my puter, and behind zonealarm.
I guess I'm pretty safe

What happened HL, you had no firewall? (the article says it attacks on port 445).

 

[Inkara1]

I just think it's funny the guy said "shit itself off"

 

[Liliandra]

hehe

 

[Luis G]

btw, anyone getting spoof warnings?

I'm getting something like this (can't check 'cause it hasn't happened today and i reset the log):
source: 192.168.1.1 port 0, destiny: 224.0.0.1 port 0

 

[HomeLAN]

No, Luis, I'm fine. I was quoting the CNN goober.

As far as "shit" vs. "shut", fruedian skid.

 

[Inkara1]

A Freudian skid... that would result in Freudian skid marks?

 

[greenfreak]

Affected Software:

•Microsoft Windows 2000 Service Pack 4 – Download the update

•Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 – Download the update

•Microsoft Windows XP Professional x64 Edition – Download the update

•Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 – Download the update

•Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems – Download the update

•Microsoft Windows Server 2003 x64 Edition – Download the update

Non-Affected Software:

•Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

The software in this list has been tested to determine whether the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support life cycle for your product and version, visit the Microsoft Support Lifecycle Web site.

Ok so I have 60+ servers on Windows 2000 SP3. By the above description, that means that either:

A. W2K SP3 servers are not affected by the vulnerability (unlikely)

or

B. They are affected but we aren't giving you a patch for them. (likely)

Which do you think it is??

This is a really great time for my Sr. Network Admin to be on vacation. If I have to upgrade 60 Service Packs and patches by myself, I'm going to be here a while.

 

[chcr]

A Freudian skid... that would result in Freudian skid marks?

Hang on for a second, I'll check.