Ron said:
Note that #1 is Net-Worm.Win32.Mytob.c
Which accounts for a whopping 26% of activity for April.
Also note that Mytob.c (and varients of Gaobot) propagates via the
LSASS vulnerability - which affects Win-2k and XP (but not Win-98).
And before you tell me that Win-98 was vulnerable, look under the
win-98 column on this page:
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx.
The LSASS vulnerability was recognized in 2004 (although it has a CVE
number starting with 2003 ?).
As usual, many Macro$haft advisory pages mention that the advisory
also pertains to Win-98 - "see the FAQ section for details" - and then
there's no mention of Win-98 in the FAQ section. Many other
information sources then base their content on this and they lump 98
in with other versions regarding system vulnerability.
So here we are in 2006, a year or two after SP2 for XP, and the most
active virus last month is taking advantage of a 2 or 3-year-old
vulnerability . What does that say about how well XP is being
maintained "in the field" ???
