The Dasher.B worm exploits a flaw in Microsoft Windows Distributed Transaction Coordinator, or MDTC, security companies said Friday. Microsoft announced andin October. However, , Sophos said.
"The worry is that the problems with the patch may have prevented it from being successfully rolled out onto some vulnerable computers," Graham Cluley, senior technology consultant at the security company, said in a statement.
Cluley noted that computers running Windows 2000 and those that have not been updated with MS05-051 face the greatest risk.
Dasher.B is a network worm that has the potential to open a back door on computers with the MSDTC flaw, security experts said. The infected systems are then prompted to connect to a remote computer for instructions. Once connected, it downloads a malicious program that tracks keystrokes.
"This new worm aims (to) install software that tries to infect other vulnerable systems, and that also can be used to log keystrokes and turn the computer into a remotely controlled 'bot' system," James Rendell, a technical product manager at Internet Security Systems, said in a statement.
A third version of the worm emerged Friday, Dasher.C, which almost looks identical to Dasher.B, said Oliver Friedrichs, senior manager at Symantec's Security Response Center.
Three versions of Dasher--B, C and A, which emerged earlier this week--have infected at least 3,000 systems worldwide, Friedrichs said, noting the growth rate of the infection has since leveled off.
Security experts at Internet Security Systems expressed concern about the new worm and warned users to be vigilant.
The United Kingdom's computer emergency response team also issued an advisory Friday on Dasher.B, citing an update from the Australian CERT.