DHS CERT hunts new cyber worm

Friday - 9/10/2010, 8:30am EDT

Cybersecurity Update - Tune in weekdays at 30 minutes past the hour for the latest cybersecurity news on the Federal Drive with Tom Temin and Amy Morris (6-10 a.m.) and the DorobekINSIDER with Chris Dorobek (3-7 p.m.). Listen live at FederalNewsRadio.com or on the radio at 1500 and 820 AM in the Washington, D.C. metro area. The Cybersecurity Update is brought to you by Tripwire.

  • A new internet worm is spreading across federal government and private industry. The email virus called "HERE YOU GO" or "JUST FOR YOU" emails the contents of your address book and spreads through mapped drives, remote machines and removable media. A DHS official tells Federal News Radio US-CERT has received multiple reports from a number of federal agencies. They are in the process of collecting and analyzing samples and have developed and distributed ways to mitigate any damage. The HERE YOU HAVE worm requires you to click on the link in order to infect your system. Anyone receiving the email is strongly encouraged NOT to click on the link. A DHS official says they are not able to comment on which specific federal agencies are dealing with the worm but says the ops guys are rather busy.

  • Microsoft will have a prolific Patch Tuesday next week as it issues 9 updates. That's more than double the number of patches issued in earlier months this year. Four of the updates have the highest threat ranking of CRITICAL. The remaining five have the second highest threat ranking of IMPORTANT. Some of these could be patches for the Dynamic Link Library or DLL issue, reports InfoWorld. The vulnerabilities in Microsoft were first revealed three weeks ago when it was discovered that several dozen Windows programs were flawed because they improperly loaded code libraries which gave hackers a way to hijack a PC by tricking the application into calling on a malicious DLL.

Check out all of Federal News Radio's coverage of cybersecurity issues here.