Security Labs

Alerts

BOOKMARK THIS ALERT
  digg   |     del.icio.us   |     reddit
  newsvine   |     furl   |     technorati

Old Worm Learns New Tricks

Date:04.06.2009

Threat Type: Malicious Web Site / Malicious Code

Websense Security Labs™ has obtained a new variant of an old worm called Neeris. The new variant, called "Neeris.gen!C", has taken note of the recent attention on Conficker, and has adapted some of its techniques. Websense proactively protects its customers from this worm.

The new Neeris variant now spreads via the Microsoft vulnerability MS08-067 which was patched in October 2008, but continues to cause problems for unpatched Windows machines. In addition to exploiting the same vulnerability as did Conficker, the new Neeris variant adopted Conficker's strategy of spreading via autorun and a deceptive AutoPlay option on USB media devices. It also spreads via weak SQL server passwords.

Websense® Messaging and Websense Web Security customers are protected against this attack.