Microsoft has today released a statement regarding the Zotob worm (also reported as Botzor, Botzor.exe, and, incorrectly, as Zobot and rbot.ebq or rbot.cbq), which crashed computer systems across the nation yesterday.
The Zotob worm, which takes advantage of a flaw in the Windows Plug and Play system, has been blamed for crashing computers at two CNN sites, ABC news, the New York Times, and the United States Congress, among others.
Says Microsoft “Microsoft has reviewed the situation and continues to rate the issue as a low threat for customers.”
Here is the text of the full statement from Microsoft:
“Microsoft Statement Regarding Zotob
The Internet worm called Zotob targets Windows 2000; customers running Windows XP and other Windows versions are not impacted.
REDMOND, Wash., August 16, 2005 — There are currently a number of press reports regarding an Internet worm called Zotob. News reports had indicated that there was potentially a new worm. We are not aware at this time of a new attack; instead our analysis has revealed that the reported worms are different variations of the existing attack called Zotob. Microsoft has reviewed the situation and continues to rate the issue as a low threat for customers.
Zotob has thus far had a low rate of infection. Zotob only targets Windows 2000. Customers running other versions such as Windows XP, or customers who have applied the MS05-039 update to Windows 2000 are not impacted by this attack.
Customers in the U.S. and Canada who believe they may have been affected by this attack can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support that is associated with security update issues or viruses. International customers can receive support by using any of the methods that are listed at Security Help and Support for Home Users Web site.
Customers who believe they have been attacked should contact their local FBI office or post their complaint on the Internet Fraud Complaint Center Web site. Customers outside the U.S. should contact the national law enforcement agency in their country.
All customers should apply the most recent security updates released by Microsoft to help ensure that their systems are protected from attempted exploitation. Customers who have enabled Automatic Updates will automatically receive all Windows updates. For more information about security updates, visit the Microsoft Security Web site.