UPDATE: As of September 6, 2002, reports of malicious activity that follow the
particular pattern that is outlined in this article have lessened significantly. The
Microsoft Product Support Services Security Team has modified this Microsoft
Knowledge Base article to reflect this information and to refine suggestions for
detection and repair criteria.
Microsoft has investigated an increase in malicious activity that tries to load code on
Microsoft Windows 2000-based servers. This activity is typically associated with a
program that has been identified as Backdoor.IRC.Flood.
By analyzing computers that have been compromised, Microsoft has determined that
these attacks do not appear to exploit any new product-related security
vulnerabilities and do not appear to be viral or worm-like in nature. Instead, the
attacks seek to take advantage of situations where standard precautions have not
been taken as detailed in the "Prevention" section of this article. The activity appears
to be associated with a coordinated series of individual attempts to compromise
Windows 2000-based servers. As a result, successful compromises leave a distinctive
pattern.
particular pattern that is outlined in this article have lessened significantly. The
Microsoft Product Support Services Security Team has modified this Microsoft
Knowledge Base article to reflect this information and to refine suggestions for
detection and repair criteria.
Microsoft has investigated an increase in malicious activity that tries to load code on
Microsoft Windows 2000-based servers. This activity is typically associated with a
program that has been identified as Backdoor.IRC.Flood.
By analyzing computers that have been compromised, Microsoft has determined that
these attacks do not appear to exploit any new product-related security
vulnerabilities and do not appear to be viral or worm-like in nature. Instead, the
attacks seek to take advantage of situations where standard precautions have not
been taken as detailed in the "Prevention" section of this article. The activity appears
to be associated with a coordinated series of individual attempts to compromise
Windows 2000-based servers. As a result, successful compromises leave a distinctive
pattern.
No comments:
Post a Comment