'Witty' Worm Wrecks Computers
A quickly spreading Internet worm destroyed or damaged tens of thousands of personal computers worldwide Saturday morning by exploiting a security flaw in a firewall program designed to protect PCs from online threats, computer experts said.
The "Witty" worm writes random data onto the hard drives of computers equipped with the Black Ice and Real Secure Internet firewall products, causing the drives to fail and making it impossible to restart the PCs. Unlike many recent worms that arrive as e-mail attachments, it spreads automatically to vulnerable computers without any action on the part of the user.
At least 50,000 computers have been infected so far, according to Reston, Va.-based computer security firm iDefense and the Bethesda, Md.-based SANS Institute.
The firewalls were developed by Atlanta-based Internet Security Systems. Chris Rouland, vice president of the company's X-Force research and development division, said that as many as 32,000 corporate computers could be infected. The company does not know how many home users are infected. ISS released a patch and a detailed writeup of the affected products.
Most infected computers will have to be rebuilt from scratch unless their owners instead decide to buy new ones, said Ken Dunham, a computer security expert at iDefense.
