Users login

Create an account »


Users login

Home » Hacking News » Another Plug-and-Play vulnerability misuse

Another Plug-and-Play vulnerability misuse

by Nikola Strahija on August 16th, 2005 The Microsoft Plug-and-Play vulnerability exploited by the ZoTob worm has been used once more, now to create an IRC bot.

IRCBot-ES uses the vulnerability to spread instead of more common vectors such as Windows RPC security vulns.

Early indications are that IRCBot-ES may be more harmful than ZoTob because it's easily capable of spreading around internal networks once an infected machine is plugged into a Lan. Anti-virus firm F-secure reports that one organisation has suffered widespread infection from IRCBot-ES via this mechanism.

The clear interest from malware authors in the vulnerability underlines the need for Windows users to get their systems patched up.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »