Skip to main content
  1. Home
  2. Computing
  3. News

Trend Micro: Windows Worm ZOTOB a Threat

By

Tokyo-based Internet and security firm Trend Micro reports a new Windows worm, dubbed ZOTOB, has appeared which exploits "critical" security holes in Microsoft’s Windows 95, 98, NT, ME, 2000, and XP operating systems which Microsoft patched just last week. The worm, detected in both the United States and Germany, can block infected users’ access to antivirus sites and give attackers access to infected systems.

So far, Trend Micro reports two variants (ZOTOB A and B) have been discovered. Both take advantage of Microsoft’s Plug and Play technology to propagate across networks; when the worm detects a vulnerable system, it attaches a script to that system which downloads the worm from a clandestine FTP server on the infected machine. Once installed, the worm modifies the system’s HOSTS file to interfere with user’s connecting to specific antivirus Internet sites. The worm also opens a backdoor which enable the computer to receive commands via IRC channels on specific servers; worm variants A and B connect to different IRC servers. Once installed, all data on the infected system is accessible to remote attackers; remote users could also take control of infected systems.

Recommended Videos

To avoid infection by the ZOTOB worms and (undoubtedly) future malware which attempts to exploit the same Windows vulnerabilities, users should make sure their antivirus software is up-to-date and install the latest Microsoft security updates to ensure their systems are not vulnerable to these attacks. The rapid appearance of the ZOTOB worm shortly after Microsoft released system patches emphasizes how critical it can be for Windows users to install security updates promptly and maintain security software. If ZOTOB proves anything, it’s that malware exploiting vulnerabilities in Windows operating systems will appear on the Internet almost instantaneously once the vulnerabilities become widely known outside the computer security industry.

Editors' Recommendations

Geoff Duncan
Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Windows 11 could be hurting your gaming performance
Overwatch 2 running on the LG OLED 27 gaming monitor.

If you’ve been wondering why your beefy graphics card hasn’t been performing as well as it should in Windows 11 or Windows 10, the answer could be Microsoft’s Virtualization Based Security (VBS). According to testing done by Tom’s Hardware, VBS could cause gaming performance to drop by as much as 10%.

In a suite of fresh benchmarks, Tom’s Hardware tested 15 different games, from Cyberpunk 2077 to Red Dead Redemption 2, both with VBS enabled and with the feature turned off. In some games, the results could be cause for concern.

Read more
The latest Windows update is causing major printer problems
A Dell laptop with Windows 10 sitting on a desk.

Microsoft is now offering Windows 10 users a workaround for an issue that has come along with a mid-July update.

The KB5015807 update, which rolled out on July 12 and includes OS Builds 19042.1826, 19043.1826, and 19044.1826 all have a glitch that affects printers connected to computers running Windows 10. After the update is installed, you might see multiple printer listings available when you only have one product.

Read more
Windows 11 now stops brute force cyberattacks right in their tracks
Two windows laptops sit on a wooden table.

Not all threats to your computer come from viruses and dodgy emails. Some people will simply try to smash their way into your PC by generating as many passwords as possible until they gain access, like a lock picker. Windows 11 can now stop that.

The most recent Windows 11 build blocks these brute force attacks with an Account Lockout Policy. Windows will automatically lock down accounts, including administrator accounts, after 10 failed login attempts.

Read more