WORM_ZOTOB.N

Malware type: Worm In the wild: Yes Destructive: No Language: English Platform: Windows 98, ME, NT, 2000, XP, Server 2003 Encrypted: No Characteristics: Propagates via software vulnerabilities	Overall risk rating: Low Reported infections: Low Damage potential: High Distribution potential: High
Description: This memory-resident worm propagates by exploiting the Windows Plug and Play vulnerability. For more information, please refer to the Microsoft Security Bulletin MS05-039 page. It is dropped by other malware as UPDATE.EXE in the Windows system folder. Upon execution, it downloads and executes certain files from a certain Web site. It is capable of launching a SYNC flood type of denial of service attack that consumes system resources. For additional information about this threat, see: Solution Technical Details Statistics