Sept 19, 2001 - "Nimda" Virus Strikes Hard |
|
A malicious computer worm that flooded the Internet Tuesday, is still causing
massive destruction to networks worldwide today. The worm named "W32.Nimda" or "Nimda" or "readme.exe" affects Web servers using Microsoft Internet Information Server (IIS) software, and is spread using Microsoft Outlook email clients, as well as other email clients such as Eudora, and to other users within the same network. The affects of the worm has resulted in network outages throughout the Internet worldwide. Various desktop computers, servers and networks using Linux, Unix, Novell, Windows, Macintosh and others have been affected by "Nimda" so far. The extent of the damage can be seen throughout the Internet, with very poor Internet connectivity, damaged websites, an inability to connect to various host servers, mail servers, and websites. The "Nimda" virus relies on email clients to self-propagate, and has also been reported to infect users accessing virus infected websites. Once the virus is triggered, the "Nimda" code generates massive scans of entire networks looking for Microsoft IIS servers, but in effect overwhelms other networks in the process. Because of the immense traffic generated by the virus, network routers around the world are either brought down, or slowed to a halt. The extent of Nimda's capabilities and ability to damage other components such as computer hard drives or operating systems is still being investigated by the FBI, and security experts. To read more about the "Nimda" virus and its effects, please go to the following links: (note: you may have difficulties with accessing some of these websites) CNN.com - Aggressive new worm threatens Web users CNET News.com - "Nimda" worm strikes Net, e-mail CNET News.com - Home users face biggest risk from Nimda CNET News.com - Net security coalition issues Nimda warning CNET News.com - Nimda worms seen in China CNET News.com - Nimda worm vexes computers worldwide CNET News.com - New worm slows some Internet operations ZDNet News - Lethal worm spells double trouble Symantec Security Response - W32.Nimda.A@mm McAfee AVERT - W32/Nimda@MM Central Command - Latest News & Virus Alerts Microsoft TechNet - Information on the "Nimda" Worm A Warning Issued By Symantec, "...the worm will create an open network share allowing access to the system. The worm will also attempt to spread via open network shares." Please update your anti-virus software and run a system scan, and install the latest patches to prevent being infected by any of these viruses. Servers running IIS must have the latest Code Red II patch installed. Also, please minimize your Internet related activities, such as browsing, and emails for the next few days until the problems have been resolved completely. Refer to your news source for more information. |