The worm is thought to be a variant of a virus known as Zotob, which targets computers that contain an unpatched Plug and Play vulnerability. The Plug and Play facility simplifies the process of adding hardware to PCs.
Microsoft warned of the flaw in a security bulletin published last week and issued a patch to protect against attack, but Zotob, and its variants, have hit the internet with remarkable speed.
According to Microsoft, Zotob only targets Windows 2000. Customers running other versions such as Windows XP, or customers who have applied Microsoft’s MS05-039 update to Windows 2000 are not impacted by the attack.
Signs of infection include a constant rebooting of the infected computer and a slowdown in the computer network as the worm looks for other PCs to infect.
The software giant believes that Zotob has had a low rate of infection, and indeed, at the time the virus was first detected security firms regarded the worm as a low threat, in view of its focus on Windows 2000 only. But the threat levels in respect of the worm have now been increased, following successful attacks on some well-known firms.
Broadcasters CNN and ABC were affected by the worm for several hours yesterday, according to reports, with ABC writers being forced to use electronic typewriters in order to prepare for the “World News Tonight” broadcast.
Top US telco SBC Communications and media firms the Financial Times and the New York Times were also hit.
"The only good thing which might come out of this high profile worm outbreak is that more people and businesses may wake up to the importance of properly protecting their systems from viruses and internet worms," said Graham Cluley, senior technology consultant at Sophos. "All companies should take a long hard look at their networks and ask, 'could that have happened to us?'"
“There is no need for panic or hysteria,” he added. “Everyone should ensure that their anti-virus software automatically updates itself, that they have a strong firewall in place, and that they have installed the latest Microsoft security patches."
