Linux Today: Linux News On Internet Time.

Windows worm numbers 'skyrocket'

Jan 19, 2009, 19:04 (32 Talkback[s])

"According to Microsoft, the worm works by searching for a Windows executable file called "services.exe" and then becomes part of that code.

"It then copies itself into the Windows system folder as a random file of a type known as a "dll". It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service."
Funny how the elderly Unix system of file permissions and ownership foils this sort of attack quite neatly. Oh wait I forgot, malware authors only attack The Most Popular OS--ed.

Complete Story

Related Stories: