Article ID : S1Q0088 / Last Modified : 08/17/2005

Warning about W32ZotobE and W32EsbotA Worm Viruses!

Applicable Products and Categories of This Article

W32.Zotob.E and W32.Esbot.A are new worms that exploit a Microsoft vulnerability (MS05-039), announced last on August 9, 2005.

What are they?
These worms are the most significant of a series of threats targeting unpatched Microsoft® Windows® operating systems. W32.Zotob.E and W32.Esbot.A are both network-based worms that exploit the Microsoft Windows Plug and Play Buffer Overflow Vulnerability in an attempt to compromise hosts and spread to new systems. For more details, please see Microsoft Security Bulletin MS05-039.


What should you do?

  • Ensure that your computer is updated with the latest Microsoft® operating system security patches and updates.
  • Customers who use Norton Antivirus™ or Norton Internet Security™ - Virus details are available on the Symantec Security Response Web page. A new virus definition is now available and can be obtained via LiveUpdate. This allows Symantec™ Norton AntiVirus™ to detect and remove this threat. Customers who need to purchase or renew their Norton Internet Security™ can go to http://www.symantecstore.com/promo=84161.
  • Customers using other AntiVirus/Internet security programs should check on their program vendor web site for information or contact them directly.