New Nimda worm could be more dangerous than Code Red

September 21, 2001

A new Internet worm spreads to both servers and PCs running Microsoft software flooding the Internet with data.

Known as "Nimda" or "readme.exe," the worm armed with a laundry list of well-known vulnerabilities in desktop and server software from Microsoft Corp. Nimda has duplicated itself on Web sites and in electronic mail in-boxes across the Net.

To spread over the Net, the malicious code sends an e-mail message with the worm in an attachment, scans for and then compromises vulnerable servers, jumps to shared hard drives on a network, and sends itself to any surfer whose browser requests a Web page from an infected server.

An FBI spokesperson said the agency was "assessing" the incident, but thus far it found no connection between the online flood and last week's terrorist attacks on the World Trade Center and the Pentagon.

The worm is rapidly spreading in the wild at an exceptional rate and many security experts are worried that home computer users will not secure their PCs.

Microsoft has already released the patches for both servers and desktop computers:
Patch for ISS servers: click here
Patch for desktop computers: click here

Most anti-virus vendors have also released updates and tools for cleaning infected computers, available from the relevant web sites.