Symantec Reports: Microsoft’s Vulnerability genesis of New Worm

The malicious "Randex.gel" bug releases the access code of every unprotected computer and seems to be an offshoot of other Randex editions, with just the MS06-040 susceptibility combined.

Symantec Corp. the world leader in information security alleged, a bug is on the trail affecting computer systems preying on limitations in the operating system of Windows.

Some companies and a few clients are being targeted by a virus connected to a flaw in Microsoft affecting all the endorsed variants of the operating system of Windows, as stated by Symantec Corp's security response team's director, Oliver Friedrich's.

The virus has been established as a web - sensitive virus called Randex. It directs the computer to focus on added instructions beyond flash messaging links, susceptible to Microsoft's flaw. It subsequently permits a cyber-terrorist to operate programs, download, initiate a refusal-of-service strike, erase records or form another account together with complete user privileges.

Randex.gel compounds the risk in the Windows operating service that Microsoft fixed on Aug. 8 to the trio. The manipulation in Randex.gel seems to be similar, or perhaps, identical to the code issued two weeks back by Metasploit's HD Moore.

Previous variants of the Randex virus family damaged former repaired faults in Windows, such as those repaired by MS04-007, MS05-017, and MS05-039. The final patch that suppressed a flaw in Windows' Plug and Play service was exploited by the Zotob virus in 2005 to strike predominantly media companies.

The new Randex virus, which is the variation of a former edition, can infiltrate flash messaging systems such as Yahoo Messenger, MSN Messenger and AOL Instant Messaging. It's capable of affecting computers via network allocations and the host server of Microsoft SQL. Any stored information can be corrupted within the SQL server. The virus is noted for pilfering account data whenever the holders of eGoldcard access the payment gateway for a transaction.

Nevertheless, even if Randex is compelling it isn't the fateful virus that people were anticipating after Microsoft fixed the Server service with MS06-040. There are effective quantities of systems that have been affected by MS06-040 activities. But it is not attained endemic dimensions.

Related article: Sentence for American Contractor for Sabotaging Government Navy Computers

» SPAMfighter News - 9/2/2006