|
|
However, the virus can be evaded if the PC is patched with the latest Microsoft security fixes. But according to Microsoft at least one third of PCs have not yet been updated which comes as a major threat to these computers. The chief researcher of F-Secure, Mikko Hypponen said that such a large scale of virus attack has not been witnessed before.
While demonstrating the virus, Microsoft says that the worm abuses a bug in the Windows Server service used by Windows 2000, XP, Vista, Server 2003 and Server 2008. The worm works by searching for a Windows executable file called 'services.exe' and then becomes part of that code. After its gets inside a PC, the virus generates a list of possible domains, selects one and then uses that domain to reach a malicious server from which it downloads additional malware to install on the captured machine. Downadup is a very critical virus as it becomes much harder for security experts to shut it down.
