CNET también está disponible en español.

Ir a español

Don't show this again

HolidayBuyer's Guide
Tech Industry

Week in review: Worm wallops Windows

It seemed harmless at first, but mutant versions of Zotob turned out nasty. Are warring hackers to blame?

A new worm initially thought to be pretty harmless ended up mutating into a series of worms that could shut down Windows PCs, leading some to believe that a war among hackers was to blame.

The original Zotob.A was unleashed over the weekend, wreaking relatively little havoc. As of Monday morning on the West Coast, the original worm had infected about 50 computers worldwide, and the first variant, Zotob.B, had compromised about 1,000 systems.

However, by Tuesday the worm had evolved into a greater annoyance, shutting down computers running Microsoft's Windows 2000 operating system. Computers across the United States were hit, including those at cable news station CNN, television network ABC and The New York Times. Symptoms of infection include the repeated shutdown and rebooting of a computer.

Without any user interaction, the worms can infect unpatched Windows 2000 systems that aren't protected by a firewall. The worms typically install a shell program on the computer to download the actual worm code using FTP, or File Transfer Protocol. The newly infected system then starts searching for new computers to compromise.

The worm, which has spawned several variants, exploits a hole in the plug-and-play feature in the Windows operating system. It surfaced only days after Microsoft offered a fix for the "critical" bug as part of its monthly patching cycle.

Some at CNET News.com found irony in some media outlets' coverage of the worm. "CNN should be embarrassed," wrote Timothy Beckner in News.com's TalkBack forum. "Their IT people could have patched them last week."

Some theorize that the recent surge in worms could be part of an underground battle to hijack PCs for use in Net crimes. Signs of a turf war between cybercrooks lie in the behavior of the worms that have emerged since Sunday, said Mikko Hypponen, chief research officer at F-Secure, a Finnish security software company.

The dozen or so worms and variants all exploit the same security hole, but some versions undo the effects of earlier worms, suggesting that the creators are battling to take over computers that others have already compromised, Hypponen said.

"We seem to have a bot war on our hands," Hypponen said. "There appear to be three different virus-writing gangs turning out new worms at an alarming rate, as if they were competing to build the biggest network of infected machines."

In response to the havoc, Microsoft made available a free software tool to help victims of worms that hit Windows computers in the past days clean their systems. The tool can be run online through Microsoft's Web site or downloaded from the Microsoft Download Center.

Microsoft's moves did little to assuage the anger some CNET News.com readers feel toward the company's executives. "How (Bill) Gates and (Steve) Ballmer get any sleep every night is beyond me," wrote Carl Johnson in News.com's TalkBack forum. "These "critical" situations are affecting people's lives in dramatic ways..."

Meanwhile, Apple Computer released what seems to be one of its larger security updates for Mac OS X, doling out fixes for 44 flaws. Still, only a handful of the vulnerabilities are of major concern, according to security analysts. The package of fixes was released Monday.

By comparison, Apple last May released an update for 20 vulnerabilities and in March distributed an update for a dozen flaws. The flaws affect Apple's Mac OS 10.3.9 and 10.4.2 operating system software and related server software.

However, Apple's security fixes appear to break support for 64-bit applications in the operating system, according to Wolfram Research, maker of the Mathematica computation software. It's unclear whether applications other than Mathmatica's are affected.

Apple did not comment on the problem Wednesday, but early Thursday morning the company said it had released a new security update that fixes the issue. "We have issued a new version of the 2005-07 security update which resolves an issue affecting 64 bit applications," an Apple representative said in an e-mailed statement.

Porn to run?
The old adage is that "sex sells," but some on the Internet and gaming world are finding it a tough sell.

The creation of a .xxx domain was put on hold after the Bush administration said it has concerns about a virtual red-light district reserved exclusively for Internet pornography. The Commerce Department asked for a hold to be placed on the contract to run the new top-level domain until the .xxx suffix can receive further scrutiny. The domain was scheduled to receive final approval Tuesday.

Other governments also have been applying pressure to ICANN in a last-minute bid to head off .xxx. A letter from ICANN's government advisory group sent Friday asks for a halt to "allow time for additional governmental and public policy concerns to be expressed before reaching a final decision."

A final decision on the fate of the .xxx domain now will not happen until September. The board of directors of the nonprofit group that oversees domain names said that it would delay a vote until its next meeting, on Sept. 15.

The move by the Internet Corporation for Assigned Names and Numbers (ICANN) was expected after ICM Registry, the Florida company that plans to operate .xxx, agreed to a month's delay.

Some News.com readers expressed shock that the domain's approval was put on hold. "It should be *mandatory* for porn sites to be in .xxx and not .com or others," wrote reader Joe Klein in News.com's TalkBack Forum. "It would make it so much easier to block these sites and much less likely to just stumble onto these sites like many people do."

Game developers are pretty sensitive to the subject of sex these days. The International Game Developers Association has formed a special interest group to look at issues related to sexually oriented video games.

Dubbed Sex SIG, the group has been in the works since last March. But with the recent Hot Coffee scandal regarding sexual content in "Grand Theft Auto: San Andreas," the Sex SIG announcement comes at a time when the industry is facing a great deal of scrutiny.

In addition to trying to ensure that there are no further Hot Coffee-esque scandals, SIG will focus on trying to provide developers with resources about adult-oriented games, including lists of all games that incorporate such content as well as categorizations of games to indicate the extremity of the content.

Wild about wireless
San Francisco Mayor Gavin Newsom wants to make Wi-Fi coverage in the city as ubiquitous as the fog that blankets its neighborhoods. Joining several other municipalities poised to do the same thing, the city recently invited nonprofits and private businesses to bid on the proposed project, which would offer Wi-Fi access over the town's entire 49 square miles, according to Newsom's office.

One of the major goals of the project, according to Newsom's office, is to serve the city's less affluent by providing free or inexpensive wireless service to low-income neighborhoods. To augment that part of the plan, Newsom's office said, Dell and a handful of other computer makers have already agreed to provide free computers to the city's poor.

It's the kind of plan that Intel would like to see more cities adopting. The chipmaker and several corporate partners launched a program aimed at helping cities use wireless networks to better serve their citizens--and perhaps make a little cash on the side.

Thirteen cities are currently participating in the initiative, called "Digital Communities." Its goal is to give cities technical resources and discounts to help them establish or build out their broadband wireless infrastructure so they can better connect with police and fire personnel as well as with public-works employees such as meter readers and building inspectors. The program also educates city leaders on ways they can use their wireless network as a commercial service, by selling access to the system and by providing wireless services to consumers.

Meanwhile, a small wireless Internet service provider in Idaho and a wireless equipment start-up claim to have set a record for transmitting data across a wireless link. Microserv Computer Technologies, based in Idaho Falls, and Trango Broadband Wireless, a fixed-wireless broadband equipment maker, announced that they wirelessly transmitted data over unlicensed spectrum 137.2 miles.

Microserv used gear from Trango to establish the wireless links between two mountaintops in Idaho using the 2.4GHz and 5.8Ghz wireless spectrum. The link was able to transmit an FTP file transfer at the rate of 2.3 megabits per second. The equipment used was not based on standard 802.11 wireless technology, but instead used proprietary radio technology from Trango.

Also of note
Google announced plans to seek more capital by selling 14.2 million shares of common stock on the public market...A group of American authors has decided to auction names of characters in their forthcoming novels, in a bid to raise funds for the First Amendment Project...Researchers at IBM are testing software that would let you tote your home or office desktop around on an iPod or similar portable device so that you could run it on any PC.