Security experts have recently discovered three variants of the Dasher worm that exploit a critical vulnerability in Microsoft's Windows Distributed Transaction Coordinator (DTC). It was patched by Microsoft in October. The worm targets Windows 2000 systems.
Officials at Symantec discovered the first two variants, Dasher.A and Dasher.B, on Thursday; the third, Dasher.C, was discovered today.
While the DTC vulnerability affects several versions of Windows, including Windows XP and Windows Server 2003, Microsoft officials said in their October advisory that primarily Windows 2000 systems were at risk from the vulnerability.
On Windows XP SP1 and Windows Server 2003, the attacker needs valid logon credentials before exploiting the vulnerability, while unpatched Windows 2000 machines can be exploited over the Internet.
Because the exploit centers around Windows 2000, corporations, its biggest user base, are most at risk. Dasher's dash through the corporate world hinges primarily on the fact that security administrators are not getting the Microsoft patch out to employee machines.
This article was first published on InternetNews.com. To read the full article, click here.
Loading Comments...