Skip to main content
U.S. Edition

Worm strikes down Windows 2000 systems

Microsoft in 'emergency response' as worm reported on three continents



How would you rate the threat posed by computer worms and viruses?
Getting better
Getting worse
Same as 5 years ago
or View Results


Computer Worm
Computer Security

WASHINGTON (CNN) -- A fast-moving computer worm Tuesday attacked computer systems using Microsoft operating systems, shutting down computers in the United States, Germany and Asia.

Among those hit were offices on Capitol Hill, which is in the midst of August recess, and media organizations, including CNN, ABC and The New York Times. Caterpillar Inc., in Peoria, Illinois, reportedly also had problems.

A small number of computers in an administrative office at San Francisco International Airport also crashed, but they were not essential to the airport's operation, spokesman Mike McCarron said.

The FBI said the computer problems did not appear to be part of any widespread attack.

While the worm affects primarily Windows 2000, it also can affect some early versions of Microsoft XP, said Johannes Ullrich, chief technology officer of the Sans Institute, a network security firm based in Jacksonville, Florida.

Symptoms include the repeated shutdown and rebooting of a computer.

Microsoft has a downloadable patch on its security homepage,

The director of Microsoft's security response center, Debbie Fry Wilson, said the computer giant was in an "emergency response" mode. "Right now, we're mobilizing our two war rooms," she told CNN.

"The key thing I want to stress for customers is making sure that they install security updates as quickly as possible," Wilson said.

Although she said that the number of affected computers is unclear, most Windows 2000 customers are business users. And automatic security updates would have protected most home users, she said. Wilson added that "at least 200 million computer users worldwide" have downloaded the patch.

Business software provider AssetMetrix reported in June that Computers running Windows 2000 were on about half of all corporate desks.

Microsoft is working with law enforcement to track down those who unleashed the worm, Wilson said.

Lysa Myers, a virus researcher for the computer security firm McAfee, Inc., said the worm exploits a vulnerability in Microsoft's plug-and-play service. "How it's spreading is it's looking for machines that are unpatched and running itself," she said.

What was causing the damage was unclear, although experts pointed to a new worm called worm-rbot.cbq.

David Perry of Trend Micro, an Internet monitoring firm, said the latest worm may have been derived from the Zotob worm, which was first reported over the weekend.

Ullrich, of the Sans Institute, said Zotob "will connect to a control server to ask for instructions. It scans network neighborhoods and tries to infect them, as well."

Typically, the worm enters a system via a laptop connected to unsecured networks, Ullrich said. "This laptop will infect your systems from the inside."

Several versions of the worm have been released, some as late as Tuesday, he said.

Around 5 p.m. problems began at CNN facilities in New York and Atlanta before being cleared up about 90 minutes later.

The New York Times also was able to bring its systems back up, and "newspaper production will not be affected," spokeswoman Kathy Park said.

The White House said it did not have reports of computer problems.

Improved firewalls and faster patches may have limited the worm's spread, said Jeff Havrila, a technical analyst with the U.S. Computer Emergency Readiness Team, a coalition of public and private groups that combats computer attacks.

He also said it is unclear how long the worm may take to run its course, noting that many people are away on summer vacation and may be affected only when they return.

At any given time there are thousands of computer worms and viruses in existence. Last year, the Sasser worm shut down millions of computers worldwide. A German teenager has been sentenced to 21 months' probation (Full story).

Story Tools
Click Here to try 4 Free Trial Issues of Time! cover
Top Stories
Get up-to-the minute news from CNN gives you the latest stories and video from the around the world, with in-depth coverage of U.S. news, politics, entertainment, health, crime, tech and more.
Top Stories
Get up-to-the minute news from CNN gives you the latest stories and video from the around the world, with in-depth coverage of U.S. news, politics, entertainment, health, crime, tech and more.
CNN TV E-mail Services CNN Mobile CNNAvantGo Ad Info About Us Preferences
© 2007 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines. Contact us. Site Map.
Offsite Icon External sites open in new window; not endorsed by
Pipeline Icon Pay service with live and archived video. Learn more
Radio News Icon Download audio news  |  RSS Feed Add RSS headlines