Worm warning intensifies

Security companies urged clients to patch their Windows systems, as concerns heightened that an MSBlast-like worm would be released soon--perhaps even as early as this weekend, according to one firm. As previously reported, the worries are driven by the release of several effective programs for exploiting a widespread vulnerability in a security function of Windows, known as the Local Security Authority Subsystem Service, or LSASS. The programs, known as exploit code, have also been integrated into remote attack software known as bot software, a move widely considered to be the penultimate stage in a code's engineered evolution from simple script to full-blown worm.

On Friday, network protection company Lurhq released an advisory to its clients, saying there was a "high probability that a worm may be released in the next 24 to 48 hours."

Security company Symantec has also warned customers that attacks that exploit the LSASS vulnerability are climbing. On Thursday, the company informed clients that two of its "honeypot" servers--computers that aren't used for business but to attract malicious programs and detect new threats--had been compromised by bot software within minutes of each other.

Read Full Story