Discovered: March 20, 2004
Updated: February 13, 2007 12:19:50 PM
Also Known As: W32/Witty.worm [McAfee], WORM_WITTY.A [Trend]
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Note: Because the worm resides in memory only and is not written to disk, virus definitions do not detect this threat. Symantec Security Response recommends that you follow the steps described below to remove this threat.
- Obtain the patch for the vulnerability from http://www.iss.net/download/.
- Disconnect the affected computer from the network.
- Restart the computer to remove the threat from memory.
Note: If the computer has been infected, it may not restart properly. If this occurs, Symantec Security Response recommends using a data recovery program.
- Apply the patch.
- Reconnect to the network.
Writeup By: Eric Chien
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine