New Worm Counts On Admins Being Slow To Patch

In a twist from their usual methods, virus writers have written an exploit to a patch that Microsoft issued this week, hoping to take advantage of IT shops that are slow on the draw.

The usual trick has been zero-day exploits, where they wait until Microsoft issues its monthly patches and then drop the viral bomb one or two days later, knowing full well Microsoft won't be issuing a fix for a month.

In this case, hackers examined the fix in MS06-070 and whipped up their own worm in the hopes the hole won't be plugged for several days.

"Typically, people are a little bit wary at applying patches because they want to see how it's going to affect their environment," said Jonathan Bitle, manager of the technical accounts team at Qualys, an on-demand security provider that found the exploit. New Worm Counts On Admins Being Slow To Patch

Linked by shanmuga Friday, 17th November 2006 1:13AM