Cuebot worms exploit Microsoft vulnerability

Security gurus are warning of the dangers of the Cuebot-L and Cuebot-M worms, which spread by exploiting a critical security vulnerability affecting Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2, Microsoft Windows XP Professional x64 Edition, Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1, Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems and Microsoft Windows Server 2003 x64 Edition.

The flaw in question, outlined in Microsoft Security Bulletin MS06-040, when successfully exploited could allow an attacker to take complete control of an affected system. The authors of Cuebot-L and M have successfully utilised this, and have given the worms the ability to spread via AOL Instant Messenger.

When one of these worms is successfully installed, it turns off the Windows Firewall and opens a backdoor allowing a malicious attacker to gain access to and control over the system. Microsoft is strongly urging users to install a patch for MS06-040.

"Microsoft is once again in the difficult situation of trying to convince its customers that Windows is becoming more secure, despite this onslaught of malware designed to exploit its vulnerabilities."

"As always, users are encouraged to take the necessary steps to ensure their PCs are properly protected with up-to-date security patches, antivirus software and a firewall as soon as possible."