It looks as though two different variations on the Zotob exploit were just released. It is routing it’s way through Windows NT/2000 servers and NT/2000/XP (without Service pack 2) computers that are networked with Internet access. It is recommended you update your virus scanning software with the latest definition. It’s even worming it’s way into part of CNN’s New York Bureau. The payload is reported to be automatic shutdowns and reboots that repeat.
Patch ‘em if you got ‘em.
Link: What You Should Know About Zotob.
What You Should Know About Zotob
Zotob.A is a worm targeting Windows 2000-based systems which takes advantage of a security issue that was addressed by Microsoft Security Bulletin MS05-039. This worm installs malicious software, and then looks for other computers to infect.
Important If you have installed the update released with Security Bulletin MS05-039, you are already protected from Zotob.A. If you are using any supported version of Windows other than Windows 2000, you are not at risk from Zotob.A.
As part of our Software Security Incident Response Process, our investigation has determined that only a small number of customers have been affected, and Microsoft security professionals are working directly with them. We have seen no indication of widespread impact to the Internet. Customers who believe they have been attacked should contact their local FBI office or post their complaint on the Internet Fraud Complaint Center Web site. Customers outside of the United States should contact the national law enforcement agency in their country.
