Nimda worm poses high risk to security, warns CA

Computer Associates is warning that the Nimda worm, that surfaced last week, poses a high risk threat to infrastructure througout the region

  • E-Mail
By  Mark Sutton Published  September 25, 2001

Computer Associates is warning that the Nimda worm, that appeared last week, may pose a considerable danger to systems in the region. The worm has been classified as a ‘High Risk Threat’ by Computer Associates eTrust global anti-virus researchers. The worm does not have a highly destructive payload, but reveals a number of new flaws and vulnerabilities that may be exploited at a later date.

Nimda is capable of spreading through a variety of means, including e-mail, open network shares and through the Unicode Web Travesal vulnerability in Microsoft’s IIS web server software. It spreads through Outlook as an email, with a random header and no body text and an attachment ‘README.EXE’. It can also propagate through an infected web server, which will spread the worm to visitors to the site.

“What we see with Nimda are several things being combined in a way we have not seen before, with the added capability of affecting web servers, business and home computer users,” said Abdul Karim Riyaz, marketing manager for CA-ME.

“Based on the characteristics of Nimda, this may be a ‘proof-of-concept’ threat to test the Internet waters. Preventing future outbreaks of similar threats can only be accomplished through the vigilant practice of patch application, risk and policy assessment, and a fortified defense of internet security solutions,” added Riyaz.
Users are advised to make sure they have updated anti-virus software and that servers have the relevant patches installed. For more information see http://support.ca.com

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code